Rapport d'analyse de fichier Pc hunter exe PUP PCHunter : 228dd0c2e6287547e26ffbd973a40f14

Pc hunter.exe PUP PCHunter - Rapport d'analyse

Mis à jour 1 year ago

Vérifié par Malware Check

pc hunter.exe

Type de hachage	Valeur	Action
MD5	228dd0c2e6287547e26ffbd973a40f14
SHA1	3fb89787cb97d902780da080545584d97fb1c2eb
SHA256	55f041bf4e78e9bfa6d4ee68be40e496ce3a1353e1ca4306598589e19802522c
SHA512	ebf6386ae261353c0c5d41b115cd6d68af77e80627aef10e86bebb561d55f4439c12d0157dd2fd0a3ee5bbf4960fe6d811f528b725efeaf1405ebaccbc083f9f
ImpHash	0479f44df47cfa2ef1ccc4416a538663

Type de hachage

Valeur

Action

MD5

228dd0c2e6287547e26ffbd973a40f14

SHA1

3fb89787cb97d902780da080545584d97fb1c2eb

SHA256

55f041bf4e78e9bfa6d4ee68be40e496ce3a1353e1ca4306598589e19802522c

SHA512

ebf6386ae261353c0c5d41b115cd6d68af77e80627aef10e86bebb561d55f4439c12d0157dd2fd0a3ee5bbf4960fe6d811f528b725efeaf1405ebaccbc083f9f

ImpHash

0479f44df47cfa2ef1ccc4416a538663

Analyse PE

Informations de base

▼

Icône	Hachage: 01a571f1f12f55f15016f9f38bf39f67 Flou: 2e117022c440f79a7dad811e5a6841c9 dHash: b2aaccb2b2cce8b2
Base d'image	`0x00400000`
Point d'entrée	`0x00696019`
Heure de compilation	2019-01-30 17:55:18
Somme de contrôle	0x006d21c5 (Réel: 0x006d21c5)
Version OS	5.0
Signatures PEiD	`PE32 executable (GUI) Intel 80386, for MS Windows`
Chemin PDB	`Y:\ViewEngine\Release\PCHunter32.pdb`
Signature numérique	OK
Importations	25 bibliothèques
Exportations	0 fonctions
Ressources	170 Ressources
Sections	6 Sections

Signatures numériques

▼

DigiCert High Assurance EV Root CA	DigiCert Inc (US)
WoSign Time Stamping Services CA G2	WoSign CA Limited (CN)
Certification Authority of WoSign	WoSign CA Limited (CN)
Certification Authority of WoSign	WoSign CA Limited (CN)
DigiCert EV Code Signing CA (SHA2)	一普明为（北京）信息技术有限公司 (CN)
DigiCert High Assurance EV Root CA	DigiCert Inc (US)

Informations de version

▼

Comments	一普明为Windows系统信息查看工具(安全类)
CompanyName	一普明为（北京）信息技术有限公司
FileDescription	Epoolsoft Windows Information View Tools
FileVersion	1.0.0.5
InternalName	PCHunter
LegalCopyright	(C) 2013-2020 Epoolsoft Corporation. All Rights Reserved.
OriginalFilename	PCHunter.exe
ProductName	PC Hunter
ProductVersion	1.0.0.5
SpecialBuild	2019-01-30 Build
Translation	0x0409 0x04b0

Sections PE

▼

Nom	Adresse virtuelle	Taille virtuelle	Taille brute	Entropie	Caractéristiques	MD5
`.text`	`0x00001000`	3,134,874 bytes	3,134,976 bytes	6.60 (Compressé)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`2DC02BF79428A1BB1E49589B53FA2DF5`
`.rdata`	`0x002ff000`	1,287,836 bytes	1,288,192 bytes	4.20 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`E1477CE3B97758615D2A9E27873FFBB1`
`.data`	`0x0043a000`	809,656 bytes	495,104 bytes	4.48 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`689FFBB2E8F7AC76E403F7FD4786143E`
`.rsrc`	`0x00500000`	2,032,424 bytes	2,032,640 bytes	6.41 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`CEC409EFA9FC6773E232B8491628B7A8`
`.vmp0`	`0x006f1000`	179,364 bytes	179,712 bytes	8.00 (Compressé/Chiffré)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`52EE44AB162E442F324F76C3BF10D589`
`.reloc`	`0x0071d000`	24 bytes	512 bytes	0.23 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ`	`C7C2EDD42D0ED4F5AD2BE2F560D02FAF`

Alerte d'analyse d'entropie

1 section(s) avec entropie élevée (≥7.5) détectée(s) - compression/chiffrement possible

1 section(s) avec entropie élevée (≥6.5) - compression possible

Analyse des ressources

▼

Total des ressources: 170 (2,023,893 octets)

Type de ressource	Nombre	Taille totale	Pourcentage
KERNEL	3	1,867,480 octets	92.3%
RT_CURSOR	17	5,108 octets	0.3%
RT_BITMAP	3	109,188 octets	5.4%
RT_ICON	15	15,512 octets	0.8%
RT_DIALOG	87	22,158 octets	1.1%
RT_STRING	14	2,488 octets	0.1%
RT_GROUP_CURSOR	16	334 octets	0%
RT_GROUP_ICON	13	288 octets	0%
RT_VERSION	1	980 octets	0%
RT_MANIFEST	1	357 octets	0%

Analyse de la chaîne de certificats

▼

Certificat #1

Sujet	DigiCert High Assurance EV Root CA DigiCert Inc US
Émetteur	DigiCert High Assurance EV Root CA
Numéro de série	`3553400076410547919724730734378100087`

Certificat #2

Sujet	WoSign Time Stamping Signer WoSign CA Limited CN
Émetteur	WoSign Time Stamping Services CA G2
Numéro de série	`145514571953005914089489061521296817223`

Certificat #3

Sujet	Certification Authority of WoSign WoSign CA Limited CN
Émetteur	Certification Authority of WoSign
Numéro de série	`125491772294754854453622855443212256657`

Certificat #4

Sujet	WoSign Time Stamping Services CA G2 WoSign CA Limited CN
Émetteur	Certification Authority of WoSign
Numéro de série	`108897714282609753967357000558972428814`

Certificat #5

Sujet	一普明为（北京）信息技术有限公司一普明为（北京）信息技术有限公司 CN
Émetteur	DigiCert EV Code Signing CA (SHA2)
Numéro de série	`9352340585624155678755156449971271818`

Certificat #6

Sujet	DigiCert EV Code Signing CA (SHA2) DigiCert Inc US
Émetteur	DigiCert High Assurance EV Root CA
Numéro de série	`5242696219798676072696570528751175516`

Statut de vérification du certificat

Laisser un commentaire

Nom du fichier	pc hunter.exe
Type de fichier	PE32 executable (GUI) Intel 80386, for MS Windows
Version du scanner	1.0.154.174
Version de la base de données	2024-01-08 16:01:30 UTC