| 在线病毒检测器 | v.1.0.139.174 |
| 数据库版本: | 2023-09-22 17:02:44 |
“Heur”代表“启发式”,这意味着我们使用一组规则、算法或行为分析来检测潜在的威胁,这些威胁可能没有特定的已知签名。这是一种主动的方法,用于识别可能表示特洛伊木马或其他恶意软件存在的可疑行为或代码模式。该文件的行为或特征触发了启发式分析,可能是恶意的迹象。然而,并不一定意味着该文件确实是特洛伊木马。它也可能是误报,即合法程序展示出类似恶意活动的行为。
| File | PaleoScan |
| 已检查 | 2023-09-22 15:15:17 |
| MD5 | a3dae7bffce2e4ab11fe69bb66d0559c |
| SHA1 | 035d147cbbe7c172bfebd57f3738ccab0182c650 |
| SHA256 | effeee653ee42dbb987274fe3d7947a83d99e8325d8b3e37f9a90966b8558702 |
| SHA512 | f52b3917fbe876a50709db835a710a677e9585b3c55a3565f960e13bac30e8c7d1c68e564865b7851593f4387f164c4dfef95224f95f74b732f6e24ff95a49c7 |
| Imphash | bdb8209e92517b05c0d878e59e377155 |
| File Size | 9080320 bytes |
Gridinsoft能够识别并消除Trojan.Heur!.02052023,无需进一步的用户干预。
| CompanyName | Eliis |
| FileDescription | PaleoScan - A Breakthrough in Seismic Interpretation |
| FileVersion | 1.8.0.0 |
| InternalName | PaleoScan |
| LegalCopyright | Copyright © 2017 |
| OriginalFilename | PaleoScan.exe |
| ProductName | PaleoScan |
| ProductVersion | 1.8.0.0 |
| Translation | 0x0409 0x04b0 |
 |
b9cf7ea8ef13311c3d117c1c4aed2f39 d5b6bc51135c2d59beb995c723d4a090 71f0f0f0f0f0f0f0 |
| Image Base: | 0x140000000 |
| Entry Point: | 0x1401dd794 |
| Compilation: | 2023-08-01 07:36:05 |
| Checksum: | 0x00000000 (Actual: 0x008ad52e) |
| OS Version: | 6.0 |
| PDB Path: | E:\Jenkins\workspace\8.1_PS_Release_master\paleoscanproduct\bin\ps_ow_connect.pdb |
| PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 9 |
| Imports: | owdevkit11_10, LGCbase11_10, LGCsdl11_10, propertybrowserLib, mdprocess, faultsLib, eventbuslib, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-convert-l1-1-0, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-string-l1-1-0, api-ms-win-crt-math-l1-1-0, api-ms-win-crt-environment-l1-1-0, api-ms-win-crt-filesystem-l1-1-0, api-ms-win-crt-utility-l1-1-0, api-ms-win-crt-heap-l1-1-0, VCRUNTIME140, VCRUNTIME140_1, SHELL32, NETAPI32, COMCTL32, WSOCK32, ole32, SHLWAPI, KERNEL32, USER32, COMDLG32, ADVAPI32, OLEAUT32, GLU32, OPENGL32, Qt5Widgets, Qt5Gui, Qt5Xml, Qt5Sql, Qt5Network, Qt5Concurrent, Qt5Core, eliis, psWidgets, MSVCP140, VCOMP140, WS2_32, gdal300, proj_6_2, api-ms-win-crt-time-l1-1-0, api-ms-win-crt-locale-l1-1-0, dhcpcsvc, WINTRUST, CRYPT32, |
| Exports: | 52 |
| Resources: | 9 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | MD5 | 熵 |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00209fe7 | 0x0020a000 | e45df97b17d88901f19017e9a04eeb3d | 6.42 |
| .textidx | 0x0020b000 | 0x000949b5 | 0x00094a00 | 6f3cd906cda2f359b5cf2bb01aec87fd | 6.10 |
| .rdata | 0x002a0000 | 0x005b431c | 0x005b4400 | 5a27d019e9ddf5ecd13f3aa4607d85a3 | 7.27 |
| .data | 0x00855000 | 0x000192b8 | 0x00011c00 | 28ec4329f8823530ca5e6095aa578af5 | 4.47 |
| .pdata | 0x0086f000 | 0x0001ae14 | 0x0001b000 | ef349428da6d215cb0a7f195443a275a | 6.21 |
| .fnp_dir | 0x0088a000 | 0x00000078 | 0x00000200 | 38af43d61a4127d1eea12b4ae15c6786 | 0.90 |
| .fnp_mar | 0x0088b000 | 0x00000001 | 0x00000200 | bf619eac0cdf3f68d496ea9344137e8b | 0.00 |
| .rsrc | 0x0088c000 | 0x00023088 | 0x00023200 | b7726c47e8b22321b9d758004d5690cd | 7.19 |
| .reloc | 0x008b0000 | 0x00005a00 | 0x00005a00 | e0c49ba81007463d9d0ea3ba41bd3a18 | 5.46 |
