Please ensure you understand and agree with our data protection policy before using this site. Review Policy
Analyze suspicious files to detect malware and automatically share them with our team. You can compress your file into a zip archive (if needed, we use the password "infected" to extract before checking).
The "Heur" stands for "heuristic," which means we use a set of rules, algorithms, or behavioral analysis to detect potential threats that may not have a specific, known signature. It's a proactive approach to identifying suspicious behavior or code patterns that could indicate the presence of a Trojan or other malware. The file's behavior or characteristics triggered the heuristic analysis as potentially malicious. However, it doesn't necessarily confirm that the file is indeed a Trojan. It could be a false positive, where a legitimate program exhibits behavior that resembles malicious activity.
File: | ZBrush.exe |
Checked: | 2023-11-23 21:18:48 |
MD5: | be16688ae40d87397c29b548bafbe6b6 |
SHA1: | 76eafebc769d4200138756c61806ae89b4001b28 |
SHA256: | 033f9cc171fd69dfb4f39a0604bfad6b88d2f6b7fa822da133651c9d2bb82343 |
SHA512: | 2f7a8312867dcb8aca3b6eb33f8f7cadda151c95de93242c8ad93852373d6cf9249341ebf8974ec3d718b8bafddd543c96179d78fdf36904102479b981d7c16f |
Imphash: | 16e6e0870886e1f09a6f29aacc397f24 |
File Size: | 42545712 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Heur!.03212063 without requiring further user intervention.
CompanyName | Maxon Computer GmbH |
FileDescription | ZBrush Executable |
FileVersion | 2023, 2, 2, 0 |
InternalName | ZBrush2023.2.2 |
LegalCopyright | Copyright © 2023 Maxon Computer GmbH. Developed By Ofer Alon. |
LegalTrademarks | Maxon and the Maxon logo, ZBrush and the ZBrush logo, ZBrushCore, and the ZBrushCore logo are trademarks of Maxon Computer GmbH. |
OriginalFilename | ZBrush.exe |
ProductName | ZBrush |
ProductVersion | 2023, 2, 2, 0 |
Translation | 0x0409 0x04b0 |
Image Base: | 0x140000000 |
Entry Point: | 0x15dab9890 |
Compilation: | 2023-08-08 08:50:16 |
Checksum: | 0x00000000 (Actual: 0x0289a8b7) |
OS Version: | 6.0 |
PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 3 |
Imports: | ADVAPI32, api-ms-win-crt-convert-l1-1-0, api-ms-win-crt-environment-l1-1-0, api-ms-win-crt-filesystem-l1-1-0, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-locale-l1-1-0, api-ms-win-crt-math-l1-1-0, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-string-l1-1-0, api-ms-win-crt-time-l1-1-0, api-ms-win-crt-utility-l1-1-0, bcrypt, COMDLG32, CRYPT32, freetype, GDI32, gdiplus, GLU32, IPHLPAPI, KERNEL32, MFPlat, MFReadWrite, ole32, OLEAUT32, ompp, PROPSYS, SHELL32, SHLWAPI, USER32, VCOMP140, VCRUNTIME140, WININET, WINMM, |
Exports: | 0 |
Resources: | 117 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.... | 0x00001000 | 0x1b23d000 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.... | 0x1b23e000 | 0x0287c000 | 0x0287bc00 | 9e0dcd0408c2943fd7e3e70763457a64 | 7.90 |
.rsrc | 0x1daba000 | 0x00015000 | 0x00015000 | 823b9e70ecf061b7f5865d1f0c5ad1aa | 5.77 |