Gridinsoft Logo

The zevra-avx2.exe File Analysis

Technical Analysis

File Name zevra-avx2.exe
File Type
PE32+ executable (console) x86-64, for MS Windows
Scanner Version 1.0.221.174
Database Version 2025-07-20 20:00:28 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
3,557,106
File Size (bytes)
2025-07-20
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
85d2d3102dcf9a11e09fa7abd5abb036
SHA1
0f9d1936931f29f576668ecb575ef733cfc59ec2
SHA256
034dc6498202ac2280e3a5c4348ebd8b1abea0e6e4c2ba28e56e576a354df477
SHA512
5d7c2af7f0d9916469a43ead38bc9bcb9846d9271ffb6ea243ef9f462319a91d517a008347b690560af92e3d5a5241c27f6324f7caff8e3e3c314325b13836e6
ImpHash
08099fe8378dfa8670d046ebea3953af

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x1400013e0
Compilation Time 2025-02-24 19:57:39
Checksum 0x0036733e (Actual: 0x0036733e)
OS Version 4.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 2 libraries
KERNEL32, msvcrt
Exports 0 functions
Resources 1 Resources
Sections 20 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 105,920 bytes 105,984 bytes 6.52 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 99A0EE5C37067AA0DDCD22C098D0D77E
.data 0x0001b000 416 bytes 512 bytes 2.69 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE E30C3FFD1751524DA8D286547C72B138
.rdata 0x0001c000 3,162,912 bytes 3,163,136 bytes 7.68 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 09DB449A676CDA0C3C352BF4DD793182
.pdata 0x00321000 3,516 bytes 3,584 bytes 4.98 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 07C3F58E9488156E4956BBD22C466039
.xdata 0x00322000 3,428 bytes 3,584 bytes 4.33 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 629FD5095E2BCFB8585A282DD52F118A
.bss 0x00323000 10,306,340 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.idata 0x00cf8000 4,280 bytes 4,608 bytes 4.28 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 086B2E3FFF5083FD5E17A82A547553BC
.CRT 0x00cfa000 104 bytes 512 bytes 0.35 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 145DEEE941B2915DBD0DBA82B46EE8F5
.tls 0x00cfb000 16 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x00cfc000 1,256 bytes 1,536 bytes 4.78 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 73F77872A88760F25937276BAEB15D81
.reloc 0x00cfd000 156 bytes 512 bytes 1.88 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ CFCC7C1BB730C05A5BA5B6351A848D16
/4 0x00cfe000 2,144 bytes 2,560 bytes 1.67 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 791B69A3A93C7BD719EB9A10F5D165F9
/19 0x00cff000 83,341 bytes 83,456 bytes 5.81 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ B379C1338E347BAE9893F4CF86AF9A92
/31 0x00d14000 16,128 bytes 16,384 bytes 4.82 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 88DD7FD8DE982DFAC81B3F4C1A9276B8
/45 0x00d18000 31,898 bytes 32,256 bytes 5.06 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ CECD86E8D836F99BC55056BAD03BB3AE
/57 0x00d20000 6,648 bytes 6,656 bytes 4.58 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ CF5144B4621AE1C5543D06FAB5864105
/70 0x00d22000 1,018 bytes 1,024 bytes 4.90 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ D06F84E1D2435F177505A80A3925A8D1
/81 0x00d23000 10,838 bytes 11,264 bytes 4.90 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 236009E4A4F8CFBF59F5BAD898F45F9B
/97 0x00d26000 33,893 bytes 34,304 bytes 5.82 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 88843C891EDDA48209DE9E84BCF9EF93
/113 0x00d2f000 1,546 bytes 2,048 bytes 4.94 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 1400612635B32D9280CC05CA12568CE3
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 1 (1,167 bytes)
Resource Type Count Total Size Percentage
RT_MANIFEST 1 1,167 bytes
100%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware