Gridinsoft Logo
File Icon

The 黑纱roblox电脑注入器.exe (易语言程序) File Analysis

Updated 3 months ago
Checked by Malware Check
黑纱roblox电脑注入器.exe

Technical Analysis

File Name 黑纱roblox电脑注入器.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
196608:Ih1+z494dJ+k5y8Bepk9m+ZdJ+k5y8BepQ:+Cd8sg+Zd8Y
Scanner Version 1.0.226.174
Database Version 2025-10-07 16:00:31 UTC

Suspicious File Detected

Detected by 42 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
58%
Detection Rate
8,986,624
File Size (bytes)
42/72
Engines Detected
2025-10-07
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
ad43bf08d74119a56992ef66ed5d82ff
SHA1
3e4288a165a7c414be58956e3c30425ae0d55981
SHA256
1285af4273517ec1832e274e19a05bc04f4fa181809f54e06fd9e14eb7946124
SHA512
1a54ec65543c87ebdc138bd9fca54d0a2d530990b3a41b5cc91cd8c722d4c8c577e1f82beee8041a9ccd39aa527f5c3ad832aec26ffd02cc87cf9ef18c97646c
ImpHash
5daf9e18b3053250c9d562f8bcf1dd7f

Security Engines with Detections (42 of 72)

Bkav
W32.AIDetectMalware Malicious
AVG
Win64:Malware-gen Malicious
Elastic
malicious (high confidence) Malicious
MicroWorld-eScan
Gen:Variant.Mikey.119760 Malicious
Skyhigh
BehavesLike.Win32.Generic.rc Malicious
ALYac
Gen:Variant.Mikey.119760 Malicious
Cylance
Unsafe Malicious
Sangfor
Trojan.Win32.Save.a Malicious
K7AntiVirus
Trojan ( 005246d51 ) Malicious
K7GW
Trojan ( 005246d51 ) Malicious
CrowdStrike
win/malicious_confidence_70% (D) Malicious
huorong
Trojan/Injector.bjw Malicious
Symantec
ML.Attribute.HighConfidence Malicious
tehtris
Generic.Malware Malicious
ESET-NOD32
a variant of Win32/Packed.FlyStudio.AA potentially unwanted Malicious
Cynet
Malicious (score: 100) Malicious
APEX
Malicious Malicious
ClamAV
Win.Malware.Hitbrovi-10030855-0 Malicious
BitDefender
Gen:Variant.Mikey.119760 Malicious
Avast
Win64:Malware-gen Malicious
Rising
Trojan.MalCert!1.ED8B (CLASSIC) Malicious
Emsisoft
Gen:Variant.Mikey.119760 (B) Malicious
DrWeb
Trojan.Siggen29.43807 Malicious
VIPRE
Gen:Variant.Mikey.119760 Malicious
McAfeeD
Real Protect-LS!AD43BF08D741 Malicious
Trapmine
malicious.high.ml.score Malicious
CTX
exe.unknown.mikey Malicious
Sophos
Generic ML PUA (PUA) Malicious
Ikarus
Trojan.Win32 Malicious
GData
Win32.Trojan.PSE.17UBEGE Malicious
Webroot
W32.Trojan.Gen Malicious
Varist
W32/Trojan.ISO.gen!Eldorado Malicious
Kingsoft
Win32.Troj.injector.v Malicious
Xcitium
Worm.Win32.Dropper.RA@1qraug Malicious
Arcabit
Trojan.Mikey.D1D3D0 Malicious
Microsoft
Trojan:Win32/Wacatac.B!ml Malicious
Google
Detected Malicious
Malwarebytes
Generic.Malware.gen.DDS Malicious
SentinelOne
Static AI - Malicious PE Malicious
MaxSecure
Trojan.Malware.300983.susgen Malicious
Fortinet
W32/CoinMiner.PHP!tr Malicious
DeepInstinct
MALICIOUS Malicious
30 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 8981d9b7d832baa29b8017f0f03255a4
Fuzzy: 885492982e28e842a8528526e7d16ea8
dHash: cdce0e0d0e1e136f
Image Base 0x00400000
Entry Point 0x0045ed65
Compilation Time 2024-11-21 04:38:44
Checksum 0x00000000 (Actual: 0x00895828)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 12 libraries
Exports 0 functions
Resources 55 Resources
Sections 4 Sections

Version Information

FileVersion 1.1.0.0
FileDescription 易语言程序
ProductName 黑纱roblox电脑注入器
ProductVersion 1.1.0.0
LegalCopyright 作者版权所有 请尊重并使用正版
Comments 本程序使用易语言编写(http://www.eyuyan.com)
Translation 0x0804 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 510,426 bytes 512,000 bytes 6.58 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ EDD6D45A64A764F85421561AC5E4D4C5
.rdata 0x0007e000 8,368,598 bytes 8,372,224 bytes 7.24 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 57CF1C1FAE424DAF631156D870146187
.data 0x0087a000 175,080 bytes 73,728 bytes 5.11 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0274BC98FA0E53C6F8D4F68E1E368A96
.rsrc 0x008a5000 22,500 bytes 24,576 bytes 5.36 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ FE33FD0E5A6D199B7EA676C3D21BAF02
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 55 (19,497 bytes)
Resource Type Count Total Size Percentage
TEXTINCLUDE 3 370 bytes
1.9%
RT_CURSOR 4 1,104 bytes
5.7%
RT_BITMAP 14 6,040 bytes
31%
RT_ICON 3 3,454 bytes
17.7%
RT_MENU 2 656 bytes
3.4%
RT_DIALOG 10 4,418 bytes
22.7%
RT_STRING 11 2,268 bytes
11.6%
RT_GROUP_CURSOR 3 74 bytes
0.4%
RT_GROUP_ICON 3 60 bytes
0.3%
RT_VERSION 1 592 bytes
3%
RT_MANIFEST 1 461 bytes
2.4%

Certificate Chain Analysis

Certificate Information
Product 黑纱roblox电脑注入器
Description 易语言程序
File Version 1.1.0.0
Copyright 作者版权所有 请尊重并使用正版
Certificate Chain Summary
湖南蓝途方鼎科技有限公司 #1 Primary
Validity Period: 2015-04-02 00:00:00 → 2016-05-01 23:59:59
Signature Algorithm: sha1RSA
Serial Number: 2A C0 1D E8 80 63 BA DB 08 00 08 85 3F DD 8C 6C
VeriSign Class 3 Public Primary Certification Authority - G5 #2 Chain
Validity Period: 2011-02-22 19:25:17 → 2021-02-22 19:35:17
Signature Algorithm: sha1RSA
Serial Number: 61 19 93 E4 00 00 00 00 00 1C
Certum Trusted Network CA #3 Chain
Validity Period: 2011-04-15 20:15:34 → 2021-04-15 20:25:34
Signature Algorithm: sha1RSA
Serial Number: 61 3B C7 91 00 00 00 00 00 34
Certum Trusted Network CA 2 #4 Chain
Validity Period: 2021-05-31 06:43:06 → 2029-09-17 06:43:06
Signature Algorithm: sha384RSA
Serial Number: 1B B5 8F 25 2A DF 23 00 49 28 C9 AE 3D 7E ED 27
Certum Code Signing 2021 CA #5 Chain
Validity Period: 2021-05-19 05:32:18 → 2036-05-18 05:32:18
Signature Algorithm: sha384RSA
Serial Number: 99 A3 80 0A 26 55 3B 65 AB DC 6E 84 A6 B3 EA 39
Open Source Developer, Jun Liu #6 Chain
Validity Period: 2024-07-09 05:56:47 → 2025-07-09 05:56:46
Signature Algorithm: sha256RSA
Serial Number: 66 97 11 45 CC 7A 0E 87 1D 14 71 7B 0A 04 1F F4
DigiCert Timestamp 2023 #7 Chain
Validity Period: 2023-07-14 00:00:00 → 2034-10-13 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 05 44 AF F3 94 9D 08 39 A6 BF DB 3F 5F E5 61 16
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #8 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Trusted Root G4 #9 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A
绍兴易游网络科技有限公司 #10 Chain
Validity Period: 2014-05-05 04:06:20 → 2015-05-06 04:06:20
Signature Algorithm: sha1RSA
Serial Number: 44 27 56 8B 62 8E DF D8 61 17 FB EA 08 63 D3 1F
UTN-USERFirst-Object #11 Chain
Validity Period: 2013-08-15 20:28:20 → 2023-08-15 20:38:20
Signature Algorithm: sha1RSA
Serial Number: 33 00 00 00 36 7B 02 EA CD 06 50 7A 73 00 00 00 00 00 36
Certification Authority of WoSign #12 Chain
Validity Period: 1999-07-09 18:31:20 → 2019-07-09 18:40:36
Signature Algorithm: sha1RSA
Serial Number: 6B DA DF EF F0 66 1B D2 64 2A F4 6E CB B2 79 40
WoSign Class 3 Code Signing CA #13 Chain
Validity Period: 2009-08-08 01:00:05 → 2024-08-08 01:00:05
Signature Algorithm: sha1RSA
Serial Number: 55 33 97 92 C7 54 53 CC F6 5B 65 D3 F2 BB 00 79

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
42 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware