Online Virus Checker | v.1.0.193.174 |
DB Version: | 2024-10-18 21:00:27 |
The "Heur" in the detection name stands for "heuristic," which means we use a set of rules, algorithms, or behavioral analysis to detect potential threats that may not have a specific, known signature. It's a proactive approach to identifying suspicious behavior or code patterns that could indicate the presence of a Trojan or other malware. Here, the file's behavior or characteristics triggered the heuristic analysis as potentially malicious. That does not necessarily confirm that the file is a Trojan: it could be a false positive, where a legitimate program exhibits behavior that resembles malicious activity.
File | PYG64.dll |
Checked | 2024-10-18 18:33:43 |
MD5 | 8d0bf3ffb4e171e17433b0e80397caa7 |
SHA1 | 27e828ec454eea3105af29fe2073a87e9cffe422 |
SHA256 | 75c193400f9be33b31a8a3c95c5e6b3fbb2724f837c5ef4dbcb336d037360d6f |
SHA512 | 4f491a0b43b2cf36f35f6ff99b4d1f2f707f0aa06d1b44804410f3ec9eba445d54c29fcf3782af78b7570dea760cae911f4dc1de8142162223ce5b6e4593b5a7 |
Imphash | f500aa64fe5766d56f43bd18f6680486 |
File Size | 1397760 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Heur!.032920A2 without requiring further user intervention.
Comments | Www.ChinaPYG.CoM |
CompanyName | 飘云阁论坛官方出品 |
FileDescription | Baymax Patch Tools x64 |
FileVersion | 3, 0, 1, 1061 |
InternalName | PYG64.dll |
LegalCopyright | Copyright (C) 2020 |
OriginalFilename | PYG64.dll |
ProductName | PYG64 |
ProductVersion | 3, 0, 1, 1061 |
Translation | 0x0804 0x04b0 |
Image Base: | 0x180000000 |
Entry Point: | 0x18035ed75 |
Compilation: | 2024-10-13 07:47:47 |
Checksum: | 0x0015180b (Actual: 0x0015e53c) |
OS Version: | 5.2 |
PDB Path: | d:\NsStudy\Home\Baymax\trunk\PatchUi\res\x64\PYG64.pdb |
PEiD: | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
Sign: | No valid SignedData structure was found. |
Sections: | 10 |
Imports: | KERNEL32, USER32, ole32, GDI32, |
Exports: | 1 |
Resources: | 7 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0009254c | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.rdata | 0x00094000 | 0x0015a5c5 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.data | 0x001ef000 | 0x000351b0 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.pdata | 0x00225000 | 0x00006dec | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.Baymax0 | 0x0022c000 | 0x000e650b | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.tls | 0x00313000 | 0x00000030 | 0x00000200 | bf619eac0cdf3f68d496ea9344137e8b | 0.00 |
.Baymax1 | 0x00314000 | 0x0014dddc | 0x0014de00 | 692a32ed119744c8835635bb649055a8 | 7.95 |
.reloc | 0x00462000 | 0x00000044 | 0x00000200 | 0db535a24a9f4b8c48f6f324759c7c4e | 0.68 |
.rsrc | 0x00463000 | 0x00006e48 | 0x00002e00 | 4675d0b176038d2512930568ab5a79ce | 5.08 |
.BaymaxN | 0x0046a000 | 0x00004000 | 0x00004000 | f569aa36d72a19537ebf45110843865f | 0.56 |