| 文件名 | WINWORD.EXE |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.212.174 |
| 数据库版本 | 2025-04-07 11:01:00 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
f900e1bd2e84cb22242b199fd07097e4
|
|
| SHA1 |
21e18039b1ea04208ebff8faf626f19e3d3fd8ce
|
|
| SHA256 |
d63133ba1e758f5c63237894c6e6463989f1caa61e4399af560c1b6b1e724547
|
|
| SHA512 |
7770b359a326990e218e54c7c7df9b7d2839617a301429000ba133b5c36cf08c2328d264029b91cbf78fd71c78daf2d019d96f1a68bea3e2e6a2e9bfea1c6b9b
|
|
| ImpHash |
1829f1b0c3ce0617606df3b21395a584
|
| 图标 |
哈希: b550a4e6c88b66b331a3cf605e0b889d
模糊: 05d37c9652061e68a467d01d6b3a8b84 dHash: 308a8a8c8c8a8a30 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x140001510 |
| 编译时间 | 2025-02-24 19:08:28 |
| 校验和 | 0x001e3b4f (实际: 0x001e3b4f) |
| 操作系统版本 | 6.1 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | D:\dbs\el\zlt\Target\x64\ship\postc2r\x-none\winword.pdb |
| 数字签名 | OK |
| 导入 | 11 库 |
| 导出 | 1 函数 |
| 资源 | 300 资源 |
| 节 | 7 节 |
| CompanyName | Microsoft Corporation |
| FileDescription | Microsoft Word |
| FileVersion | 16.0.10416.20073 |
| InternalName | WinWord |
| LegalTrademarks1 | Microsoft® is a registered trademark of Microsoft Corporation. |
| LegalTrademarks2 | Windows® is a registered trademark of Microsoft Corporation. |
| OriginalFilename | WinWord.exe |
| ProductName | Microsoft Office |
| ProductVersion | 16.0.10416.20073 |
| Translation | 0x0000 0x04e4 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
5,520 bytes | 5,632 bytes | 5.96 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
8F4E6E292AB17AA321AD414434E52D61 |
.rdata |
0x00003000 |
5,462 bytes | 5,632 bytes | 4.20 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
C003CE1845F6D6583F42568637FE33DD |
.data |
0x00005000 |
1,652 bytes | 512 bytes | 0.51 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
598D15D20B39591EC678F1D75178000B |
.pdata |
0x00006000 |
648 bytes | 1,024 bytes | 2.79 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
1E72F3CBF8AB03766075EE35833B17EB |
.c2r |
0x00007000 |
296 bytes | 512 bytes | 1.71 (正常) |
IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
24C75325D4617250A1CCAA84C4F80853 |
.rsrc |
0x00008000 |
1,936,116 bytes | 1,936,384 bytes | 3.65 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
CAD8CA549F420C536CA105689D8A69FC |
.reloc |
0x001e1000 |
40 bytes | 512 bytes | 0.55 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
401402794F17039323413034C3F8E0A7 |
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| EDPENLIGHTENEDAPPINFOID | 1 | 2 字节 | |
| EDPPERMISSIVEAPPINFOID | 1 | 2 字节 | |
| RT_ICON | 279 | 1,911,326 字节 | |
| RT_GROUP_ICON | 17 | 4,008 字节 | |
| RT_VERSION | 1 | 2,044 字节 | |
| RT_MANIFEST | 1 | 3,913 字节 |
| 产品 | Microsoft Office |
| 描述 | Microsoft Word |
| 文件版本 | 16.0.10416.20073 |
| 原始名称 | WinWord.exe |
| 签名日期 | 07:10 PM 02/24/2025 (103 天前) |
| 验证状态 | Signed |
| 签名者 | Microsoft Corporation; Microsoft Code Signing PCA 2011; Microsoft Root Certificate Authority 2011 |
| 副签名者 | Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010 |
| 内部名称 | WinWord |
33 00 00 04 03 BD D5 95 5D 0F 3B 18 AD 00 00 00 00 04 0361 0E 90 D2 00 00 00 00 00 0333 00 00 01 FE D0 A8 C2 7B 34 21 0B 01 00 01 00 00 01 FE33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15✓ 此文件已进行数字签名,证书链已验证。
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
