| 文件名 | vanguard_emulator.exe |
| 文件类型 |
Win32 EXE
|
| 魔术字节 | PE32+ executable (console) x86-64, for MS Windows |
| SSDEEP 哈希 |
24576:c+NflSwrdIkGPnvZfCV3mGM+Ec0xMk58UsU3AoMTnZ6hHEtry:/NflSwrJAfCIwTnZ6hHEtry
|
| 扫描器版本 | 1.0.229.174 |
| 数据库版本 | 2025-12-01 04:00:28 UTC |
被 31 个安全引擎检测到 - 需要谨慎
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
44dad6e3eb2597c5f64165731c033ac7
|
|
| SHA1 |
a3e4cb6847723be31c04bfaadef98ac9941ba291
|
|
| SHA256 |
f54ad11c323d0ba288c8b7f8112c2d496063725654037e02ebcd347840a83b08
|
|
| SHA512 |
5af7a9f9de0bc6ae770173d61997b9b448cf88b5c8b53f469cabeeee2f070efad63ac94a0899a77289235c5e66eb48ed50cfd243e376f8436ab8be491a21cc56
|
|
| ImpHash |
0793745b16b74adae9363e1bb5c0c891
|
| 映像基址 | 0x140000000 |
| 入口点 | 0x1400014e0 |
| 编译时间 | 2025-11-18 07:24:54 |
| 校验和 | 0x002eff19 (实际: 0x002eff19) |
| 操作系统版本 | 4.0 |
| PEiD 签名 |
PE32+ executable (console) x86-64, for MS Windows
|
| 数字签名 | No valid SignedData structure was found. |
| 导入 |
3 库
ADVAPI32, KERNEL32, msvcrt |
| 导出 | 0 函数 |
| 资源 | 1 资源 |
| 节 | 19 节 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
819,800 bytes | 820,224 bytes | 6.15 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_16BYTES
|
C92F89945C397D7157E847DC89AE59BC |
.data |
0x000ca000 |
12,016 bytes | 12,288 bytes | 0.30 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_32BYTES
|
5072666FC76A33D95E379A19BB7DD18B |
.rdata |
0x000cd000 |
71,552 bytes | 71,680 bytes | 4.83 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_32BYTES
|
D5DF2B88F3F94ED1E92F2006C14A5751 |
.pdata |
0x000df000 |
48,744 bytes | 49,152 bytes | 6.01 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_4BYTES
|
631EA3D1295BAB1A9FBDD808857167DF |
.xdata |
0x000eb000 |
69,408 bytes | 69,632 bytes | 4.96 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_4BYTES
|
4AAEFF3AC67FC9034EB17650068F90F5 |
.bss |
0x000fc000 |
4,144 bytes | 0 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_32BYTES
|
D41D8CD98F00B204E9800998ECF8427E |
.idata |
0x000fe000 |
6,592 bytes | 6,656 bytes | 4.64 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_4BYTES
|
17F14EC5FA156F2F0F2E3DE93BF91814 |
.CRT |
0x00100000 |
112 bytes | 512 bytes | 0.42 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_8BYTES
|
41EFB8F0F20E39F8DC35D4B300D0CE57 |
.tls |
0x00101000 |
16 bytes | 512 bytes | 0.00 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_8BYTES
|
BF619EAC0CDF3F68D496EA9344137E8B |
.rsrc |
0x00102000 |
1,256 bytes | 1,536 bytes | 4.78 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_4BYTES
|
E4ADC98B726A115CA2B30D1D5A96AD6D |
.reloc |
0x00103000 |
6,140 bytes | 6,144 bytes | 5.43 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_4BYTES
|
F8BA8DFD5C479C7B608ABE1AFD380143 |
/4 |
0x00105000 |
2,704 bytes | 3,072 bytes | 1.80 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_16BYTES
|
7D55B0650A868B064C1690855ADB6FB1 |
/19 |
0x00106000 |
122,117 bytes | 122,368 bytes | 5.98 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
8875FEDEDCB36D1C6AB36BBF0CD754D4 |
/31 |
0x00124000 |
20,525 bytes | 20,992 bytes | 4.73 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
CD67C9B60A9C9F53586585D63A0870A3 |
/45 |
0x0012a000 |
57,598 bytes | 57,856 bytes | 5.37 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
C28FF157B84054B8399EF05BEBFE6855 |
/57 |
0x00139000 |
14,320 bytes | 14,336 bytes | 3.72 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_8BYTES
|
505D8894361F102A45D00759882358F9 |
/70 |
0x0013d000 |
3,213 bytes | 3,584 bytes | 4.74 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
F1B261F3B86BADB9F618827C899827C6 |
/81 |
0x0013e000 |
156,490 bytes | 156,672 bytes | 2.78 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
23ECACE6D54FD23633599588EF3663EA |
/92 |
0x00165000 |
9,328 bytes | 9,728 bytes | 1.81 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
4CE58FEF2E8D39B359BB92D13756D6E7 |
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| RT_MANIFEST | 1 | 1,167 字节 |
此文件未进行数字签名。
⚠ 此文件缺少数字签名或证书链无法验证。
执行来自未知来源的未签名文件时请谨慎。
No valid SignedData structure was found.
建议: 验证文件来源并确保它来自可信的发布者.
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
保持无恶意软件:使用 Gridinsoft 反恶意软件 保护您的 PC
Gridinsoft 反恶意软件正是如此——提供强大、用户友好的解决方案,让您安心,并不断更新以应对最新威胁。由网络安全专家设计,它提供实时保护和轻松删除恶意软件。这不仅仅是检测威胁;它是通过不间断的安全来增强您的数字生活。试一试,体验无忧浏览的感觉!
