| 在线病毒检测器 | v.1.0.170.174 |
| 数据库版本: | 2024-04-01 18:00:39 |
“Patcher”通常指的是一种用于修改或“修补”其他软件的软件或工具,通常是为了绕过许可限制或启用未经授权的使用。这些工具通常与软件盗版和非法分发相关联。
| File | kdmapper.exe |
| 已检查 | 2024-04-01 15:39:48 |
| MD5 | 5412a2337ab9a6cc8139ed52b77aeb70 |
| SHA1 | f5522a2615740d2300d677065f0beedc57cca65b |
| SHA256 | d89c19811dc28f29d85dabf210e5a67e89320c1fa2d579aa0a0d70e3dbb6f89b |
| SHA512 | 91dcfcd2cd46e95e662b810372dec86bd890ba5cefe3aadc29ee8b0ad216645af9c6b3dcfd223fd95ff0a1dd196c34a1eb30ac5b2cb5e65e289b5d77c9fa6d08 |
| Imphash | c3a4e78895d8e2183e503db5ac8a731c |
| File Size | 136704 bytes |
Gridinsoft能够识别并消除Hack.Win64.Patcher.cl,无需进一步的用户干预。
| Image Base: | 0x140000000 |
| Entry Point: | 0x14000f15c |
| Compilation: | 2023-06-09 17:45:36 |
| Checksum: | 0x00000000 (Actual: 0x0002ab1f) |
| OS Version: | 6.0 |
| PDB Path: | C:\Users\abdoo\Desktop\Folders\kdmapper-master\x64\Release\kdmapper.pdb |
| PEiD: | PE32+ executable (console) x86-64, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 6 |
| Imports: | KERNEL32, ADVAPI32, MSVCP140, ntdll, VCRUNTIME140_1, VCRUNTIME140, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-utility-l1-1-0, api-ms-win-crt-filesystem-l1-1-0, api-ms-win-crt-string-l1-1-0, api-ms-win-crt-time-l1-1-0, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-locale-l1-1-0, api-ms-win-crt-math-l1-1-0, |
| Exports: | 0 |
| Resources: | 1 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0000f2a8 | 0x0000f400 | 4ac5e56dd3ff9f7d6c9aa83d0eaaf2d1 | 6.22 |
| .rdata | 0x00011000 | 0x000104d0 | 0x00010600 | f3c4f763e390b59163963f01c55b210d | 5.78 |
| .data | 0x00022000 | 0x00000da0 | 0x00000600 | fc5ef45a48d551109d4768fbae8de280 | 3.50 |
| .pdata | 0x00023000 | 0x00000ce4 | 0x00000e00 | d143560be3a9e2b2c35f68f9c6c477b5 | 4.61 |
| .rsrc | 0x00024000 | 0x000001e8 | 0x00000200 | 971a6bbdae0e0e43dfd18434202d1eec | 4.77 |
| .reloc | 0x00025000 | 0x00000104 | 0x00000200 | 6dfdae0a7581fae0ed84621d18f0c3c1 | 3.22 |
