| 文件名 | ec0ec7ce8ef71cb7e7d1c2418c47ad94cea8833db8578ccdf94271f8efed38d3.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.142.174 |
| 数据库版本 | 2023-10-09 17:02:07 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
7cd339f9be1417421acf8790c9738922
|
|
| SHA1 |
c25eff4d9d2d5b55f1cc4ffc623354004565e8b9
|
|
| SHA256 |
ec0ec7ce8ef71cb7e7d1c2418c47ad94cea8833db8578ccdf94271f8efed38d3
|
|
| SHA512 |
f118ea660a51ff38abc20a9ad16f6505cf8a862df1b564829d9af06710e0c4b91d0abbedc4b852696acf0e807a25138d82c2fc518cd54c32dba92f513467b411
|
|
| ImpHash |
310b1cc8abef97edfcabf0ed406947cf
|
| 图标 |
哈希: f9701898cc62ca8fa2431d1cbb7a0d91
模糊: 8cf551329b1269d3156746ccffa24a2f dHash: d0cc8ecccc8ef0d4 |
| 映像基址 | 0x140000000 |
| 入口点 | 0x140132ebc |
| 编译时间 | 2023-04-15 15:22:57 |
| 校验和 | 0x002e9971 (实际: 0x002e9971) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | C:\Users\rudi\Desktop\git_ultravnc\winvnc\winvnc\x64\Release\winvnc.pdb |
| 数字签名 | OK |
| 导入 | 13 库 |
| 导出 | 51 函数 |
| 资源 | 82 资源 |
| 节 | 7 节 |
| AAA Certificate Services | Sectigo Limited (GB) |
| Sectigo Public Code Signing CA R36 | uvnc bvba (BE) |
| Sectigo Public Code Signing Root R46 | Sectigo Limited (GB) |
| Comments | UltraVNC - Remote Control for all |
| CompanyName | UltraVNC |
| FileDescription | VNC server |
| FileVersion | 1.4.2.0 |
| InternalName | WinVNC |
| LegalCopyright | Copyright © 2021 UltraVNC |
| LegalTrademarks | VNC |
| OriginalFilename | WinVNC.exe |
| PrivateBuild | 1.4.2.0 |
| ProductName | UltraVNC |
| ProductVersion | 1.4.2.0 |
| Translation | 0x0000 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
1,542,688 bytes | 1,543,168 bytes | 6.55 (压缩) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
1552765ED83A35FFE9113B561238B851 |
.rdata |
0x0017a000 |
574,170 bytes | 574,464 bytes | 5.34 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
E934C99034E15765D1DB578E6405C7E2 |
.data |
0x00207000 |
644,432 bytes | 8,704 bytes | 3.03 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
2E9734A232D357816E658E855884E1D8 |
.pdata |
0x002a5000 |
48,024 bytes | 48,128 bytes | 6.23 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F67B091706CAA69E143DE9698F72B127 |
_RDATA |
0x002b1000 |
244 bytes | 512 bytes | 2.42 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
E19DCA33925CDCAC4BD0B6CFB1CF0978 |
.rsrc |
0x002b2000 |
820,008 bytes | 820,224 bytes | 6.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
68E21BCC1FC5B35FEA726D0FE6D85503 |
.reloc |
0x0037b000 |
4,672 bytes | 5,120 bytes | 5.26 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
979092F6149455888B9F0F12F09BE6AA |
1 检测到较高熵(≥6.5)的节 - 可能存在压缩
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| AFX_DIALOG_LAYOUT | 6 | 12 字节 | |
| JAVAARCHIVE | 2 | 147,884 字节 | |
| RT_CURSOR | 19 | 32,276 字节 | |
| RT_BITMAP | 6 | 16,600 字节 | |
| RT_ICON | 18 | 593,872 字节 | |
| RT_MENU | 2 | 766 字节 | |
| RT_DIALOG | 10 | 14,330 字节 | |
| RT_STRING | 5 | 7,340 字节 | |
| RT_GROUP_CURSOR | 10 | 326 字节 | |
| RT_GROUP_ICON | 2 | 264 字节 | |
| RT_VERSION | 1 | 876 字节 | |
| RT_MANIFEST | 1 | 903 字节 |
| 主题 |
Sectigo Public Code Signing Root R46 Sectigo Limited GB |
| 颁发者 | AAA Certificate Services |
| 序列号 | 97015870309959729927281967672979788822 |
| 主题 |
uvnc bvba uvnc bvba BE |
| 颁发者 | Sectigo Public Code Signing CA R36 |
| 序列号 | 101038994466143036515266525615653240071 |
| 主题 |
Sectigo Public Code Signing CA R36 Sectigo Limited GB |
| 颁发者 | Sectigo Public Code Signing Root R46 |
| 序列号 | 130417131954583740712891216934480190474 |
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
