| File Name | (数字密码未知欢迎解密)开.exe |
| File Type |
Win32 EXE
|
| Magic Bytes | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed |
| SSDEEP Hash |
24576:7GRXQlFED4/M8VILDlEHwTErs9744blYyy6gUL+KsXdmNw/xNr2Tnor6sQ:7REqVS6vr27vJB/+wC6nkG
|
| Scanner Version | 1.0.222.174 |
| Database Version | 2025-07-29 10:00:15 UTC |
Detected by 30 security engines - requires caution
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
c434060135af7440c457927833d5cbc9
|
|
| SHA1 |
477a3b508b7ab9ca8fba7d1d316f4c63e3f9bc02
|
|
| SHA256 |
2939de6bbd4154a20affcdab4ea90ac8f86ce2d394ffb5801715bd5ef54b9fa6
|
|
| SHA512 |
d7d8f7dd0bb3d4cad53a49b99dc28d6dcea7938fa11fed4539f059dda381159fbb7ce87a53d17ca30538089a0c8e53a6dba15a290b07a610858a963a10c38e2a
|
|
| ImpHash |
8c4c69111630d8599dacdb4710373322
|
| Icon |
Hash: e32d6a6890ce6375babe5961a9e38bff
Fuzzy: d898fa966335c88f09b3e90621081818 dHash: 4016d63316969640 |
| Image Base | 0x00400000 |
| Entry Point | 0x005b48a0 |
| Compilation Time | 2020-04-20 08:27:23 |
| Checksum | 0x00000000 (Actual: 0x001bd2b0) |
| OS Version | 4.0 |
| PEiD Signatures |
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
| Digital Signature | No valid SignedData structure was found. |
| Imports |
8 libraries
ADVAPI32, GDI32, KERNEL32, SETUPAPI, SHELL32, SHLWAPI, USER32, VERSION |
| Exports | 0 functions |
| Resources | 15 Resources |
| Sections | 3 Sections |
| CompanyName | |
| FileDescription | 刷机解锁 Microsoft 基础类应用程序 |
| FileVersion | 1, 0, 0, 1 |
| InternalName | 刷机解锁 |
| LegalCopyright | 版权所有 (C) 2013 |
| LegalTrademarks | |
| OriginalFilename | 刷机解锁.EXE |
| ProductName | 刷机解锁 应用程序 |
| ProductVersion | 1, 0, 0, 1 |
| Translation | 0x0804 0x04b0 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
UPX0 |
0x00001000 |
417,792 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
UPX1 |
0x00067000 |
1,368,064 bytes | 1,367,040 bytes | 7.90 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
70BB55368780E9FB3AE91653EA8972D7 |
.rsrc |
0x001b5000 |
12,288 bytes | 8,704 bytes | 4.76 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
476D3C75E0E2F654D72CC6A1B811846A |
1 section(s) with high entropy (≥7.5) detected - possible packing/encryption
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| SCRIPT | 5 | 954,928 bytes | |
| RT_ICON | 1 | 4,648 bytes | |
| RT_DIALOG | 6 | 866 bytes | |
| RT_GROUP_ICON | 1 | 20 bytes | |
| RT_VERSION | 1 | 716 bytes | |
| RT_MANIFEST | 1 | 1,528 bytes |
| Product | 刷机解锁 应用程序 |
| Description | 刷机解锁 Microsoft 基础类应用程序 |
| File Version | 1, 0, 0, 1 |
| Original Name | 刷机解锁.EXE |
| Internal Name | 刷机解锁 |
| Copyright | 版权所有 (C) 2013 |
✓ This file has been digitally signed and the certificate chain has been verified
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:
Download Anti-MalwareThis file appears clean, but regular security maintenance is important
