| 文件名 | MoUsoCoreWorker.exe |
| 文件类型 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| 扫描器版本 | 1.0.142.174 |
| 数据库版本 | 2023-10-08 05:01:37 UTC |
我们的扫描器未检测到威胁
| 哈希类型 | 值 | 操作 |
|---|---|---|
| MD5 |
64d847c80c79175949fb582e76989fed
|
|
| SHA1 |
63960672bf1164866b15f99c1e261812461c5d83
|
|
| SHA256 |
fb98f1c124103d73726722bdaf2d47d0fa9b188084c1ed418e5eb2f80a3e9f31
|
|
| SHA512 |
76bf6c2ec68e3d5e77ff3c771c4d41f4b69b719a0845bc8a847dac72e18fb3a74f674eb74dac3215eaaca36b064af90bd87165a0871b3ed013cb81e1757cdb8a
|
|
| ImpHash |
319c32ef05db731cf5427c5a788516cc
|
| 映像基址 | 0x140000000 |
| 入口点 | 0x1401fe800 |
| 编译时间 | 2067-07-26 20:05:28 |
| 校验和 | 0x0034f713 (实际: 0x0034f713) |
| 操作系统版本 | 10.0 |
| PEiD 签名 |
PE32+ executable (GUI) x86-64, for MS Windows
|
| PDB 路径 | MoUsoCoreWorker.pdb |
| 数字签名 | OK |
| 导入 | 77 库 |
| 导出 | 0 函数 |
| 资源 | 5 资源 |
| 节 | 8 节 |
| Microsoft Windows Production PCA 2011 | Microsoft Corporation (US) |
| Microsoft Root Certificate Authority 2010 | Microsoft Corporation (US) |
| CompanyName | Microsoft Corporation |
| FileDescription | MoUSO Core Worker Process |
| FileVersion | 1023.725.1162.0 |
| InternalName | MoUSO Core Worker Process |
| LegalCopyright | © Microsoft Corporation. All rights reserved. |
| OriginalFilename | MoUSOCoreWorker.exe |
| ProductName | Microsoft® Windows® Operating System |
| ProductVersion | 1023.725.1162.0 |
| Translation | 0x0409 0x04b0 |
| 名称 | 虚拟地址 | 虚拟大小 | 原始大小 | 熵 | 特征 | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
2,276,204 bytes | 2,276,352 bytes | 6.45 (正常) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
8038161C548403F54EAE29CBD9495F28 |
.rdata |
0x0022d000 |
935,650 bytes | 935,936 bytes | 5.08 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
4BFF53C26483121E00856A7B6958B4DB |
.data |
0x00312000 |
93,576 bytes | 86,528 bytes | 3.36 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
26ED6F96F6A214DFCDA1E3F13264E8B5 |
.pdata |
0x00329000 |
91,488 bytes | 91,648 bytes | 6.19 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
8B3805763FDA90663612E421AFFFA12B |
.didat |
0x00340000 |
128 bytes | 512 bytes | 0.94 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
2EBD4399C21808D75ADA0391E3FCDE27 |
_RDATA |
0x00341000 |
252 bytes | 512 bytes | 2.41 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
FA2D648A74BB92519E9B0D9262B0DE64 |
.rsrc |
0x00342000 |
2,304 bytes | 2,560 bytes | 4.05 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
78C5B226A4B03FFF8D4C85C910A4E946 |
.reloc |
0x00343000 |
23,068 bytes | 23,552 bytes | 5.43 (正常) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
035C2DEBF02FD2F004B70AFE5DB071A9 |
| 资源类型 | 数量 | 总大小 | 百分比 |
|---|---|---|---|
| REGISTRY | 2 | 398 字节 | |
| RT_STRING | 1 | 208 字节 | |
| RT_VERSION | 1 | 920 字节 | |
| RT_MANIFEST | 1 | 381 字节 |
| 主题 |
Microsoft Windows Microsoft Corporation US |
| 颁发者 | Microsoft Windows Production PCA 2011 |
| 序列号 | 1137338010553660565657068218711909620219118613 |
| 主题 |
Microsoft Windows Production PCA 2011 Microsoft Corporation US |
| 颁发者 | Microsoft Root Certificate Authority 2010 |
| 序列号 | 458207203049816025202696 |
OK
Gridinsoft Anti-Malware 拥有更强大的病毒扫描引擎。我们建议使用它来更准确地诊断受感染的系统。这个简短的指南将帮助您安装我们的旗舰产品以进行更准确的诊断:
下载反恶意软件此文件看起来是干净的,但定期的安全维护很重要
