Gridinsoft Logo
File Icon

The gs-auto-clicker-3.1.4-installer_ifT-uv1.exe (Softonic) File Analysis

Updated 3 months ago
Checked by Malware Check
gs-auto-clicker-3.1.4-installer_ifT-uv1.exe

Technical Analysis

File Name gs-auto-clicker-3.1.4-installer_ifT-uv1.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64, for MS Windows
SSDEEP Hash
98304:8TcMecBxDY8bBQ4H0BKFLOAkGkzdnEVomFHKnP9Ez:8Tc5cTqu0BKFLOyomFHKnPS
Scanner Version 1.0.226.174
Database Version 2025-09-27 22:00:19 UTC

Suspicious File Detected

Detected by 5 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
7%
Detection Rate
5,220,792
File Size (bytes)
5/72
Engines Detected
2025-09-27
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
71ac4a322db18e0aab07dbcf711ac9db
SHA1
52b080756af66fa385b4369e83b855cb29955ff3
SHA256
05a4da94c252112d657b116bfa312808c1bd5364873aaa039ad471a46e217af0
SHA512
2848c419640f7faab346726cb064f1e3cea05946a93e200e819e11d879a51ec32dbf1d9639910667f37dbd0c94e5a25ae4baa33d3b034606ec7aa3771a355ecd
ImpHash
9a0d0ae41f344146b7c079bf4c54fcfc

Security Engines with Detections (5 of 72)

DrWeb
Adware.InstallCore.825 Malicious
Webroot
Win.Adware.Gen Malicious
Google
Detected Malicious
Varist
W64/OfferCore.AE.gen!Eldorado Malicious
Malwarebytes
PUP.Optional.BundleInstaller Malicious
67 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 3bb13081559d24c13da756f1077f8274
Fuzzy: 3e9a00f5e503cf72961eb1517b877aee
dHash: 5050d274cecc82aa
Image Base 0x140000000
Entry Point 0x1402231c8
Compilation Time 2024-11-20 11:49:49
Checksum 0x004fbbef (Actual: 0x004fbbef)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path C:\Source\Repos\DS-Platform\CppInstaller\CppSetup\bin\x64\Release\CppSetup.pdb
Digital Signature OK
Imports 21 libraries
Exports 0 functions
Resources 795 Resources
Sections 7 Sections

Version Information

CompanyName Softonic
FileDescription Softonic
FileVersion 3.0.13.11201
LegalCopyright (c) Softonic
ProductName Softonic
ProductVersion 3.0.13.11201
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 2,560,508 bytes 2,560,512 bytes 6.42 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6A3143E387691CD7CED9E04C8AB0A409
.rdata 0x00273000 849,116 bytes 849,408 bytes 5.28 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3738F03B845953959FD174B5BBA3AC02
.data 0x00343000 96,088 bytes 58,880 bytes 4.68 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 069DD0BF9EBD8D299735AD5EDD307D86
.pdata 0x0035b000 119,436 bytes 119,808 bytes 6.18 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5B6BF9F0B82F5693B2AC626CE9677B83
_RDATA 0x00379000 500 bytes 512 bytes 4.24 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ DF6BC8D67AF172FCACC21324DE473FFB
.rsrc 0x0037a000 1,550,168 bytes 1,550,336 bytes 7.56 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7D538C6B84E7413B8B4C00F62213AAD9
.reloc 0x004f5000 68,648 bytes 69,120 bytes 5.44 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 464A3141572C740C3E30FEB393FC8DE6
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 795 (1,461,711 bytes)
Resource Type Count Total Size Percentage
AFX_DIALOG_LAYOUT 16 32 bytes
0%
IMAGE_BLOB 1 26,694 bytes
1.8%
IMAGE_BLOB2 1 22,500 bytes
1.5%
IMAGE_BLOB3 1 24,656 bytes
1.7%
LOCALE 17 45,668 bytes
3.1%
PNG 553 1,012,317 bytes
69.3%
STYLE_XML 5 83,741 bytes
5.7%
RT_CURSOR 28 8,496 bytes
0.6%
RT_BITMAP 46 158,460 bytes
10.8%
RT_ICON 21 43,144 bytes
3%
RT_MENU 1 284 bytes
0%
RT_DIALOG 38 18,882 bytes
1.3%
RT_STRING 30 12,804 bytes
0.9%
RT_GROUP_CURSOR 27 554 bytes
0%
RT_GROUP_ICON 5 324 bytes
0%
RT_VERSION 1 572 bytes
0%
RT_MANIFEST 1 2,034 bytes
0.1%
None 3 549 bytes
0%

Certificate Chain Analysis

Certificate Information
Product Softonic
Description Softonic
File Version 3.0.13.11201
Signing Date 12:03 PM 11/20/2024 (415 days ago)
Verification Status Signed
Signers Sigma Gold (Rise Code LTD); Sectigo Public Code Signing CA R36; Sectigo Public Code Signing Root R46; Sectigo (AAA)
Counter Signers Sectigo Public Time Stamping Signer R35; Sectigo Public Time Stamping CA R36; Sectigo Public Time Stamping Root R46
Copyright (c) Softonic
Certificate Chain Summary
Sectigo Public Code Signing Root R46 #1 Primary
Validity Period: 2021-05-25 00:00:00 → 2028-12-31 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 48 FC 93 B4 60 55 94 8D 36 A7 C9 8A 89 D6 94 16
Sectigo Public Time Stamping CA R36 #2 Chain
Validity Period: 2021-03-22 00:00:00 → 2036-03-21 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 7A 23 AE DA 53 69 96 0F 91 C8 3E 5C F4 C7 E3 3F
Sectigo Public Code Signing CA R36 #3 Chain
Validity Period: 2021-03-22 00:00:00 → 2036-03-21 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 62 1D 6D 0C 52 01 9E 3B 90 79 15 20 89 21 1C 0A
Sigma Gold (Rise Code LTD) #4 Chain
Validity Period: 2024-01-29 00:00:00 → 2025-01-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 5E C5 26 F3 4D F3 ED AD E9 36 AE 0C 96 F4 78 BF
Sectigo Public Time Stamping Signer R35 #5 Chain
Validity Period: 2024-01-15 00:00:00 → 2035-04-14 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 3A 52 6A 2C 84 CE 55 E6 1D 65 FC CC 12 D8 E9 89
Sectigo Public Time Stamping Root R46 #6 Chain
Validity Period: 2021-03-22 00:00:00 → 2038-01-18 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 36 C2 B0 BD 7C 1B 3A E7 A3 B3 DD 36 CB C9 75 68

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
5 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware