TorielWin64.exe Trojan Heuristic Analysis
| Online Virus Checker | v.1.0.168.174 |
| DB Version: | 2024-03-01 09:00:14 |
Trojan.Heur!.02252123
The "Heur" stands for "heuristic," which means we use a set of rules, algorithms, or behavioral analysis to detect potential threats that may not have a specific, known signature. It's a proactive approach to identifying suspicious behavior or code patterns that could indicate the presence of a Trojan or other malware. The file's behavior or characteristics triggered the heuristic analysis as potentially malicious. However, it doesn't necessarily confirm that the file is indeed a Trojan. It could be a false positive, where a legitimate program exhibits behavior that resembles malicious activity.
| File | TorielWin64.exe |
| Checked | 2024-03-01 07:32:23 |
| MD5 | b1a75b46aab9db301cb296f1fbbaa44f |
| SHA1 | c6fa838895b92c8c5eee9fd4b4462216a2b34445 |
| SHA256 | 11eead43450a3442c5a48898b50073f56776cf3db4368c62d900f3792d6eeb90 |
| SHA512 | 883e0095a40946cee4369a2fc23805162744cccac558691c04a085233e6d81bf80a63f0ab80fb93ff58de2d8a632370850463704c6ee5999e93a3635460e2872 |
| Imphash | 5ff77dea187b44c07958169165992ccd |
| File Size | 51833360 bytes |
Trojan.Heur!.02252123 Removal
Gridinsoft has the capability to identify and eliminate Trojan.Heur!.02252123 without requiring further user intervention.
- Start by downloading Gridinsoft Anti-Malware to your computer.
- Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
- Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
- Click on the "Standard Scan" button.
- After the scanning process is finished, click on "Clean Now" to remove any detected threats.
- If prompted, restart your system to complete the removal process.
File Version Information
| CompanyName | Godot Engine |
| FileDescription | Godot Engine |
| FileVersion | 3.5 |
| ProductName | Godot Engine |
| Licence | MIT |
| LegalCopyright | Copyright (c) 2007-2022 Juan Linietsky, Ariel Manzur and contributors |
| Info | https://godotengine.org |
| ProductVersion | 3.5.stable.official |
| Translation | 0x0409 0x04b0 |
Portable Executable Info
 |
0f52de5830fb026144bed16f0f62a4e4 f1696e4b6e579390bc5f3540ed8d8c2f 68e8b2c49496e8f0 |
| Image Base: | 0x140000000 |
| Entry Point: | 0x1400014c0 |
| Compilation: | 1970-01-01 00:00:00 |
| Checksum: | 0x02449bf1 (Actual: 0x031780fc) |
| OS Version: | 4.0 |
| PEiD: | PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 13 |
| Imports: | ADVAPI32, AVRT, bcrypt, DINPUT8, dwmapi, GDI32, IMM32, IPHLPAPI, KERNEL32, msvcrt, ole32, OPENGL32, SHELL32, SHLWAPI, USER32, WINMM, WS2_32, WSOCK32, |
| Exports: | 5 |
| Resources: | 8 |
Sections
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x01d64948 | 0x01d64a00 | 82992bac80eea34f34d4d47ce8d86c51 | 6.38 |
| .data | 0x01d66000 | 0x00006400 | 0x00006400 | a21c2c6b1a7eb9a490e7c99abfaddf93 | 2.43 |
| .rdata | 0x01d6d000 | 0x003879a0 | 0x00387a00 | 432cdba3102b5b87343c020286139581 | 6.14 |
| pck | 0x020f5000 | 0x00000008 | 0x00d25610 | 279be503c250ffc61e36d53092e9656b | 7.80 |
| .pdata | 0x020f6000 | 0x00091be4 | 0x00091c00 | bd4362d6ce63fe9c0294abb2683d8eb4 | 6.97 |
| .xdata | 0x02188000 | 0x0023eaac | 0x0023ec00 | 3dfccb547def5c304503400f6f8d22a4 | 5.76 |
| .bss | 0x023c7000 | 0x00012770 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .edata | 0x023da000 | 0x000000d1 | 0x00000200 | 571f32a385726d4f51ab535fb17e0537 | 2.82 |
| .idata | 0x023db000 | 0x00003d88 | 0x00003e00 | efd6535ed16310011851b28266a71559 | 4.99 |
| .CRT | 0x023df000 | 0x00000070 | 0x00000200 | 2b4ba61a65b61c55f166ca203b988831 | 0.48 |
| .tls | 0x023e0000 | 0x00000010 | 0x00000200 | bf619eac0cdf3f68d496ea9344137e8b | 0.00 |
| .rsrc | 0x023e1000 | 0x000581a8 | 0x00058200 | c6e5e58f5d655f580709b7b48e1333ca | 2.71 |
| .reloc | 0x0243a000 | 0x000296fc | 0x00029800 | b4e88951e1959f2246f48d61da132a9c | 5.47 |
