| File Name | 金融大师.exe |
| File Type |
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
| Scanner Version | 1.0.225.174 |
| Database Version | 2025-09-26 07:00:32 UTC |
No threats detected by our scanner
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
064fa34be5381c246670ce6a3c6e19ff
|
|
| SHA1 |
43352a7c221d8d6a11e170eb93ee81c541888123
|
|
| SHA256 |
488f5f361e13482dc12bb7ede24a6b82ce8a68746cec6d49905cd25597c7f2c5
|
|
| SHA512 |
fd387085fcfafb8427edf17403dd6ba7f8aa3363d3226ea33d2279a5098605efce4106e34d0ffb53a4ab1b7ba46b99173853576fc30d49a954b38455919ae4c0
|
|
| ImpHash |
c36dcf754c40a603462159e6f2845adc
|
| Icon |
Hash: 1916febfa964f69698cc096fb83269fd
Fuzzy: 97f0645be61d446dae882183c8de86b2 dHash: b2d4d4dacececc92 |
| Image Base | 0x00400000 |
| Entry Point | 0x033e860c |
| Compilation Time | 2024-06-11 07:40:03 |
| Checksum | 0x00000000 (Actual: 0x00d1d544) |
| OS Version | 5.1 |
| PEiD Signatures |
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
| Digital Signature | No valid SignedData structure was found. |
| Imports | 30 libraries |
| Exports | 73 functions |
| Resources | 1604 Resources |
| Sections | 8 Sections |
| Comments | |
| CompanyName | 杭州核新软件技术有限公司(Hexin) |
| FileDescription | 同花顺金融分析平台 |
| FileVersion | 2019, 4, 3, 1 |
| InternalName | E02 |
| LegalCopyright | 版权所有 (C) 1995-2024 |
| LegalTrademarks | |
| OriginalFilename | hexin.exe |
| PrivateBuild | |
| ProductName | 同花顺用户端主程序 |
| ProductVersion | 9,30,49,00 |
| SpecialBuild | |
| Translation | 0x0804 0x04b0 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
|
0x00001000 |
21,549,056 bytes | 8,241,664 bytes | 8.00 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
DBD885AD553515C3D98B03924D291DA2 |
|
0x0148e000 |
4,259,840 bytes | 1,184,256 bytes | 8.00 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
C63F779C24A6D0516FF0FFF6F1E1A504 |
|
0x0189e000 |
475,136 bytes | 70,144 bytes | 7.99 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
34A6221CBAEDA62AEAF0CBD189693C77 |
|
0x01912000 |
11,677,696 bytes | 1,182,720 bytes | 8.00 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
BFDE135A29D418A134C1B5FB3C139072 |
|
0x02435000 |
1,531,904 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.rsrc |
0x025ab000 |
585,728 bytes | 585,216 bytes | 5.48 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
C89BC74AD165A94E7A504E247E82EF00 |
|
0x0263a000 |
7,909,376 bytes | 207,872 bytes | 8.00 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
9B1EAD686C3048CFA465F9B1B1681E70 |
.data |
0x02dc5000 |
2,256,896 bytes | 2,255,872 bytes | 7.97 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
5AB8852C0DF1DA5B19014F4F86C52F27 |
6 section(s) with high entropy (≥7.5) detected - possible packing/encryption
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| GIF | 46 | 37,270 bytes | |
| JPEG | 1 | 5,731 bytes | |
| PNG | 3 | 9,913 bytes | |
| WAVE | 1 | 11,444 bytes | |
| RT_CURSOR | 77 | 56,904 bytes | |
| RT_BITMAP | 372 | 10,782,112 bytes | |
| RT_ICON | 145 | 359,510 bytes | |
| RT_MENU | 73 | 42,956 bytes | |
| RT_DIALOG | 299 | 101,254 bytes | |
| RT_STRING | 413 | 142,476 bytes | |
| RT_ACCELERATOR | 5 | 568 bytes | |
| RT_RCDATA | 1 | 35,908 bytes | |
| RT_GROUP_CURSOR | 74 | 1,522 bytes | |
| RT_GROUP_ICON | 86 | 2,532 bytes | |
| RT_VERSION | 1 | 844 bytes | |
| RT_HTML | 2 | 4,552 bytes | |
| RT_MANIFEST | 2 | 1,403 bytes | |
| None | 3 | 143 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:
Download Anti-MalwareThis file appears clean, but regular security maintenance is important
Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware
Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!
