Problem finding raw data using NTFS data runs



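I have an image of an NTFS file with several test files in it. When I got to a Windows bin, I came across the data run: 1 cluster => 4096/0x1000 bytes

22 BD 00 42 01 21 56 67 FF 11 03 97 11 13 D7 00.

Normally, this would mean that I have 4 runs:

22 BD 00 42 01 => 0xBD clusters @ 0x142 cluster offset

21 56 67 FF => 0x56 clusters @ 0xFF67 cluster offset

11 03 97 => 0x3 clusters @ 0x97 cluster offset

11 13 D7 => 0x13 clusters @ 0xD7 cluster offset

The problem is that there are not enough clusters to reach 0xFF67; you go out of bounds.

The raw data found in the 3 clusters at offset 0x97 also does not match any data in the file.

Does anyone know where the problem is?

Here is the code of the whole entry, which starts at offset 0x14400: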

46 49 4C 45 30 00 03 00 00 00 00 00 00 00 00 00 01 00 01 00 38 00 01 00 B0 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 06 00 00 00 41 00 00 00 5B 02 00 00 00 00 00 00 10 00 00 00 48 00 00 00 00 00 00 00 00 00 00 00 30 00 00 00 18 00 00 00 C3 CD AA 79 E0 48 D6 01 00 A6 A1 73 74 AE D4 01 4F DA 03 E7 40 60 D6 01 AA B7 DF 77 40 60 D6 01 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 00 00 70 00 00 00 00 00 00 00 00 00 05 00 58 00 00 00 18 00 01 00 05 00 00 00 00 00 05 00 C3 CD AA 79 E0 48 D6 01 00 A6 A1 73 74 AE D4 01 B0 33 8A E4 40 60 D6 01 AA B7 DF 77 40 60 D6 01 00 90 12 00 00 00 00 00 F8 83 12 00 00 00 00 00 20 00 00 00 00 00 00 00 0B 00 74 00 65 00 73 00 74 00 42 00 49 00 4E 00 2E 00 62 00 69 00 6E 00 50 00 00 00 68 00 00 00 00 00 00 00 00 00 01 00 50 00 00 00 18 00 00 00 01 00 04 80 14 00 00 00 24 00 00 00 00 00 00 00 34 00 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 02 00 1C 00 01 00 00 00 00 03 14 00 FF 01 1F 00 01 01 00 00 00 00 00 01 00 00 00 00 80 00 00 00 50 00 00 00 01 00 40 00 00 00 02 00 00 00 00 00 00 00 00 00 28 01 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 90 12 00 00 00 00 00 F8 83 12 00 00 00 00 00 F8 83 12 00 00 00 00 00 22 BD 00 42 01 21 56 67 FF 11 03 97 11 13 D7 00 FF FF FF FF 00 00 00 00 01 00 00 00 00 03 14 00 FF 01 1F 00 01 01 00 00 00 00 00 01 00 00 00 00 80 00 00 00 50 00 00 00 01 00 40 00 00 00 02 00 00 00 00 00 00 00 00 00 28 01 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 90 12 00 00 00 00 00 F8 83 12 00 00 00 5B 02 F8 83 12 00 00 00 00 00 22 BD 00 42 01 21 56 67 FF 11 03 97 11 13 D7 00 FF FF FF FF

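The answer is actually quite simple. Each offset is signed, with 8, 16 or 32 bits depending on the given size in bytes. Note that this is one of the few templates that has systematically signed hex numbers.

FF67 => 1111111101100111 => -153/-0x99 => 0x142 - 0x99 = 0xA9 as the offset of the second data run.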
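The decoding described in the answer, as an added Python example that is not part of the original post. It goes beyond the one run worked out above: it treats every offset field as a signed little-endian delta from the previous run's starting cluster and also handles sparse runs; the function names are hypothetical, and the byte offsets it returns are relative to the start of the volume.

```python
CLUSTER_SIZE = 0x1000  # 1 cluster = 4096 bytes, as stated in the question
# Run list bytes copied from the question, including the 0x00 terminator.
RUNLIST = bytes.fromhex("22BD004201 215667FF 110397 1113D7 00")

def decode_runlist(raw: bytes):
    """Return [(start_lcn, cluster_count), ...]; start_lcn is None for a sparse run."""
    runs, pos, lcn = [], 0, 0
    while pos < len(raw) and raw[pos] != 0x00:   # a 0x00 header byte ends the list
        header = raw[pos]
        len_size = header & 0x0F                 # low nibble: size of the length field
        off_size = header >> 4                   # high nibble: size of the offset field
        pos += 1
        if len_size == 0 or pos + len_size + off_size > len(raw):
            raise ValueError(f"malformed run header at byte {pos - 1}")
        count = int.from_bytes(raw[pos:pos + len_size], "little", signed=False)
        pos += len_size
        if off_size == 0:                        # no offset field: sparse, nothing on disk
            runs.append((None, count))
            continue
        # The offset is SIGNED and relative to the previous run's start cluster.
        delta = int.from_bytes(raw[pos:pos + off_size], "little", signed=True)
        pos += off_size
        lcn += delta
        if lcn < 0:
            raise ValueError("run would start before cluster 0")
        runs.append((lcn, count))
    return runs

def byte_extents(runs, cluster_size=CLUSTER_SIZE):
    """Convert cluster runs to (volume_byte_offset, byte_length) pairs."""
    return [(None if lcn is None else lcn * cluster_size, n * cluster_size)
            for lcn, n in runs]

if __name__ == "__main__":
    for lcn, n in decode_runlist(RUNLIST):
        where = "sparse" if lcn is None else f"LCN {lcn:#x}"
        print(f"{n:#x} clusters @ {where}")
```

The cluster counts sum to 0x129, which agrees with the last VCN of 0x128 in the $DATA attribute header of the record dumped in the question.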
