Gridinsoft Logo
File Icon

The KawaManga.exe File Analysis

Updated 2 months ago
Checked by Malaware Check
KawaManga.exe

Technical Analysis

File Name KawaManga.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64, for MS Windows
SSDEEP Hash
98304:50w42xoMxk+MlfE3U3w3sXFs/G7FiVx6OqLeJ544nXG4fzSuy4z0V3m95M:50hsJxeFEdcXKu7ATxqS5fu4zOW95M
Scanner Version 1.0.210.174
Database Version 2025-03-14 18:00:56 UTC

Suspicious File Detected

Detected by 17 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
23%
Detection Rate
5,776,405
File Size (bytes)
17/73
Engines Detected
2025-03-14
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
99f629204b031dae990ac3e371a2f699
SHA1
ad6b11f5577be332be67fc7a8950be65d5a2f3f0
SHA256
0ababf0fc1083625e9f114bf7ee87da17f9285e07509d99945cad2dcefba8604
SHA512
aa244bb3d6053a72d6fae40fb50cbcff75db05bbdaf24ff3da080f1a6bb3e598aa838cba7921ce21008620a4de431a74e0bb9e4d1d6c17b8a6ecedf1265d85e9
ImpHash
965e162fe6366ee377aa9bc80bdd5c65

Security Engines with Detections (17 of 73)

Elastic
malicious (moderate confidence) Malicious
MicroWorld-eScan
Gen:Variant.Tedy.736318 Malicious
Skyhigh
BehavesLike.Win64.Backdoor.tc Malicious
Cylance
Unsafe Malicious
VIPRE
Gen:Variant.Tedy.736318 Malicious
BitDefender
Gen:Variant.Tedy.736318 Malicious
Avast
Win64:Evo-gen [Trj] Malicious
McAfeeD
ti!0ABABF0FC108 Malicious
SentinelOne
Static AI - Suspicious PE Malicious
CTX
exe.unknown.tedy Malicious
FireEye
Gen:Variant.Tedy.736318 Malicious
Arcabit
Trojan.Tedy.DB3C3E Malicious
Microsoft
Program:Win32/Wacapew.C!ml Malicious
ALYac
Gen:Variant.Tedy.736318 Malicious
APEX
Malicious Malicious
GData
Gen:Variant.Tedy.736318 Malicious
AVG
Win64:Evo-gen [Trj] Malicious
56 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 7cfe91938d5592186d2bd95d766878ca
Fuzzy: 5db313e49c50e7867c52672412d7c2d5
dHash: 0084d4ecccd4c440
Image Base 0x140000000
Entry Point 0x14000ce20
Compilation Time 2025-03-13 16:33:00
Checksum 0x00583b3b (Actual: 0x00583b3b)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 5 libraries
USER32, COMCTL32, KERNEL32, ADVAPI32, GDI32
Exports 0 functions
Resources 9 Resources
Sections 7 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 173,264 bytes 173,568 bytes 6.49 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7F9D412C28E642C8E84BE872E83B4F9F
.rdata 0x0002c000 77,112 bytes 77,312 bytes 5.76 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5F6CA653142DE889F25990F8AD9C2791
.data 0x0003f000 21,328 bytes 3,584 bytes 1.83 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 2B048C55A32EFA293A19BC62CCE0E4B8
.pdata 0x00045000 8,844 bytes 9,216 bytes 5.32 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ FF7327F24043DEE11DB09E993F85CAAB
.fptable 0x00048000 256 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x00049000 57,968 bytes 58,368 bytes 7.92 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ CEE91D71A8304ACB89315D8756777617
.reloc 0x00058000 1,892 bytes 2,048 bytes 5.26 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ F390B176355C1AE2E1386B761ADD6032
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 9 (57,439 bytes)
Resource Type Count Total Size Percentage
RT_ICON 7 56,042 bytes
97.6%
RT_GROUP_ICON 1 104 bytes
0.2%
RT_MANIFEST 1 1,293 bytes
2.3%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
17 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware