| 文件名 | efe015ab3269359ca9ed2159a673e48255ce64b2367cb149a5702e3d0b08b831.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.141.174 |
| 数据库版本 | 2023-10-05 09:06:41 UTC |
恶意软件家族: Gen
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
0f33c9af251b7e586a593f00b69217f0
|
|
| SHA1 |
ddb8b08e490a6544df9cc95895db01e9afdb2ca1
|
|
| SHA256 |
efe015ab3269359ca9ed2159a673e48255ce64b2367cb149a5702e3d0b08b831
|
|
| SHA512 |
2e08fca759bc47d729ea6c02fb1105adb5d1fa399945c7c4bdb04108b799f92a03557050af8db7d4c91f299667a10e0179e78105c175d2d7148d25c13b9457ec
|
|
| ImpHash |
72b6c52c0d5dbc2ee054d5cae5c0510a
|
| 映像基址 | 0x140000000 |
| 入口点 | 0x140077494 |
| 编译时间 | 2023-09-05 04:41:42 |
| 校验和 | 0x000b4f2f (实际: 0x000b4f2f) |
| 操作系统版本 | 6.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | E:\Workspace\Noping\service.notification.center\x64\Release\service.notification.center.pdb |
| 数字签名 | SignerInfo.digestEncryptionAlgorithm: 1.2.840.10045.2.1 is not acceptable as encryption algorithm |
| 导入 | 19 库 |
| 导出 | 18 函数 |
| 资源 | 1 资源 |
| 节 | 6 节 |
| DigiCert Assured ID Root CA | DigiCert Inc (US) |
| SSL.com EV Code Signing Intermediate CA RSA R3 | 1NCRÍVEL SISTEMAS LTDA (BR) |
| SSL.com EV Root Certification Authority RSA R2 | SSL Corporation (US) |
| DigiCert Trusted Root G4 | DigiCert, Inc. (US) |
| DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA | DigiCert, Inc. (US) |
| SSL.com EV Root Certification Authority RSA R2 | SSL Corp (US) |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
517,668 bytes | 518,144 bytes | 5.84 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
CDD350770DC062EF445CAAD1BF5E21E5 |
.rdata |
0x00080000 |
151,824 bytes | 152,064 bytes | 4.75 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A9891F21BC8E2EA07E3A65BF20C25256 |
.data |
0x000a6000 |
17,224 bytes | 9,216 bytes | 4.67 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
4D9E4C113C6416BAB3C230F02570D95C |
.pdata |
0x000ab000 |
37,584 bytes | 37,888 bytes | 5.67 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F77B1187BD0DC17837BEC5CAD392BE39 |
.rsrc |
0x000b5000 |
488 bytes | 512 bytes | 4.77 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A61C45A2512F4503A6043FA04C0AD54E |
.reloc |
0x000b6000 |
1,400 bytes | 1,536 bytes | 5.14 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
89AD07C96C29D1C7A68C6550DE365914 |
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_MANIFEST | 1 | 392 字节 |
| 主题 |
DigiCert Trusted Root G4 DigiCert Inc US |
| 颁发者 | DigiCert Assured ID Root CA |
| 序列号 | 19414496059604725969669510860671817818 |
| 主题 |
1NCRÍVEL SISTEMAS LTDA 1NCRÍVEL SISTEMAS LTDA BR |
| 颁发者 | SSL.com EV Code Signing Intermediate CA RSA R3 |
| 序列号 | 111450557511039747977626468400718889923 |
| 主题 |
SSL.com EV Root Certification Authority RSA R2 SSL Corporation US |
| 颁发者 | SSL.com EV Root Certification Authority RSA R2 |
| 序列号 | 6248227494352943350 |
| 主题 |
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA DigiCert, Inc. US |
| 颁发者 | DigiCert Trusted Root G4 |
| 序列号 | 9586110043380832440035821245782711899 |
| 主题 |
DigiCert Timestamp 2023 DigiCert, Inc. US |
| 颁发者 | DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA |
| 序列号 | 7002784885422699301467740558332354838 |
| 主题 |
SSL.com EV Code Signing Intermediate CA RSA R3 SSL Corp US |
| 颁发者 | SSL.com EV Root Certification Authority RSA R2 |
| 序列号 | 88120626561545005758442085613766983940 |
SignerInfo.digestEncryptionAlgorithm: 1.2.840.10045.2.1 is not acceptable as encryption algorithm
建议: 验证文件来源并确保它来自可信的发布者.
按照以下步骤完全从系统中移除威胁
