Gridinsoft Logo
File Icon

LTCG-TPGame.exe Trojan Heuristic Analysis

Updated 1 minute ago
Checked by Malware Check
LTCG-TPGame.exe

Technical Analysis

File Name LTCG-TPGame.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.220.174
Database Version 2025-07-14 10:00:21 UTC

Trojan.Heur!.01050031

Malware family: Heuristic

Heuristic detection uses behavioral analysis and pattern recognition to identify potential threats without specific signatures. This proactive approach detects suspicious code behavior that may indicate malware presence. Detection may occasionally produce false positives when legitimate software exhibits similar behavioral patterns.
N/A
Detection Rate
33,322,864
File Size (bytes)
2025-07-14
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
a49abb72c64d6787d5faf4e422662860
SHA1
5514e626e4f46767d561b23a2a7c0e7c7db463a6
SHA256
0515ee5b05eddf264c2c97b9049c597ac16b140d4537258caf31b8366f2ffb0b
SHA512
1ee29c84ef9038ecc014366093ea3bf60bcb0fd42260b9d71d9bb28e8b6973958d79e3bd17b094baf0c101a655571cdfd9a06849a28636f59764ed2862bf74c6
ImpHash
d4349f38d6cdb3a671c0fd0aed75a74a

PE Analysis

Basic Information

Icon
Hash: 39e197b40e22d8d60987aa9727e0e4fa
Fuzzy: 44a8315976d637a9597259fd85561bbe
dHash: cc8ccc8cae1aaaa2
Image Base 0x00400000
Entry Point 0x02551640
Compilation Time 2008-02-13 01:21:03
Checksum 0x01fcc1af (Actual: 0x01fcc1af)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path S:\BuildData\Binaries\Lib\ReleaseShippingPC\TPGame.pdb
Digital Signature OK
Imports 37 libraries
Exports 3 functions
Resources 30 Resources
Sections 11 Sections

Version Information

CompanyName Codemasters
FileDescription Turning Point: Fall of Liberty
FileVersion 1.0.0.0
InternalName LTCG-TPGame
LegalCopyright
LegalTrademarks1
LegalTrademarks2
OriginalFilename LTCG-TPGame.exe
ProductName Turning Point: Fall of Liberty
ProductVersion 1.0
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 20,115,353 bytes 20,115,456 bytes 6.95 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ D1D75241D1DD9B8CB8AEF9C28519965F
.textidx 0x01330000 666,048 bytes 667,648 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 876B8635AA8EC2E4EABC8EC39AB68DD7
CONST 0x013d3000 80 bytes 4,096 bytes 0.26 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 564C6BF1A67078A5511D3B15F5B9DDF1
.rdata 0x013d4000 5,770,540 bytes 5,771,264 bytes 5.46 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ EA32851567936F78DF69CFA48E57F40C
.data 0x01955000 1,866,712 bytes 393,216 bytes 5.99 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 88BD33C595DFC4EC65EA72EF26BAC6E9
.rsrc 0x01b1d000 274,172 bytes 274,432 bytes 6.83 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ FC70CDD910E238B0B1688F1DF3AA5728
ars 0x01b60000 6,214,640 bytes 3,248,128 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 7D4E53BEEFB3024A3DFE482B2E1E0726
est 0x0214e000 29,008 bytes 32,768 bytes 6.23 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 3AC7C98528C7907C149263E72040347A
artem 0x02156000 3,474,144 bytes 1,032,192 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4BA24C3AB94EB178632652882EFFACD8
celare 0x024a7000 21,432 bytes 24,576 bytes 5.63 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE A962B1AE8A49E68E22142FACE7D7D794
.securom 0x024ad000 1,748,529 bytes 1,748,992 bytes 6.23 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 993CA2306EBBB7D41C8E3535F827786A
Entropy Analysis Alert

3 section(s) with high entropy (≥7.5) detected - possible packing/encryption

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 30 (272,448 bytes)
Resource Type Count Total Size Percentage
RT_CURSOR 4 1,232 bytes
0.5%
RT_BITMAP 1 108 bytes
0%
RT_ICON 15 268,256 bytes
98.5%
RT_DIALOG 2 644 bytes
0.2%
RT_GROUP_CURSOR 4 80 bytes
0%
RT_GROUP_ICON 2 222 bytes
0.1%
RT_VERSION 1 812 bytes
0.3%
RT_MANIFEST 1 1,094 bytes
0.4%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

OK

Trojan.Heur!.01050031 Removal

Gridinsoft has the capability to identify and eliminate Trojan.Heur!.01050031 without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware