TS4 Launcher x64 exe Trojan Heuristic File Malware Analysis: d86984d3458b4c54972ba063c3a40dbc

TS4_Launcher_x64.exe Trojan Heuristic Analysis

Technical Analysis

File Name TS4_Launcher_x64.exe
File Type PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.231.174
Database Version 2025-12-18 16:00:31 UTC

Trojan.Heur!.00052033

Malware family: Heuristic

Heuristic detection uses behavioral analysis and pattern recognition to identify potential threats without specific signatures. This proactive approach detects suspicious code behavior that may indicate malware presence. Detection may occasionally produce false positives when legitimate software exhibits similar behavioral patterns.
Detection Rate N/A
File Size (bytes) 995,696
Analysis Date 2025-12-18


File Identification

Hash Type Value
MD5 d86984d3458b4c54972ba063c3a40dbc
SHA1 9285aa4bf9d3871dfc518a0359065c5a8f31cbce
SHA256 14ccb2f47b6ee1dcb84da40da8415bed9f8c1d0ce32aa2c11989b3d1ae6b6617
SHA512 3a5585c05056b885699cc1e0553e7a3e67a299cc552324bf0d8ccaf05fc36dc1972cf72b59dc34705ad25df62d3be2730345f06d9ec45602598fc0af127e2f15
ImpHash 269552aa0b307214bbd168645fc6c2a2

PE Analysis

Basic Information

Icon
Hash: 63af5380dff92c15b29cae394907c616
Fuzzy: 65c6f11e63f8c5f4894b992099b1d104
dHash: e8cc9696068ecce8
Image Base 0x140000000
Entry Point 0x14007d260
Compilation Time 2025-11-19 14:03:16
Checksum 0x00100ccc (Actual: 0x000fe186)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path D:\dev\TS4\_compile\TS4Launcher\Releasex64_fpb\TS4_Launcher_x64.pdb
Digital Signature The expected hash does not match the digest in SpcInfo
Imports 17 libraries
Exports 2 functions
Resources 33 Resources
Sections 8 Sections

Version Information

FileVersion 1.120.117.1030
ProductVersion 1.120.117.1030
CompanyName Electronic Arts Inc.
FileDescription The Sims™ 4
LegalCopyright © 2014 Electronic Arts Inc.
OriginalFilename TS4_Launcher_x64.exe
ProductName The Sims™ 4
InternalName TS4_Launcher_x64.exe
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 532,126 bytes 532,480 bytes 6.46 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 87F7F344148EA1457971132773C6EC66
.rdata 0x00083000 254,412 bytes 254,464 bytes 5.06 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F6AD4FEA34DD94E6A9DF6F513149288B
.data 0x000c2000 169,408 bytes 29,696 bytes 3.95 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 7AD7B09BF5B153529189B6FF59B92407
.pdata 0x000ec000 29,532 bytes 29,696 bytes 5.88 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 9C6FD5D382C8E9B1741D4EB6CDB7A029
_RDATA 0x000f4000 1,760 bytes 2,048 bytes 6.52 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ AE10F75914D0C7AB3E3A8CA4BBE7B5FE
.rsrc 0x000f5000 127,848 bytes 128,000 bytes 7.15 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 608A1950F97D50EFB97F6A906722C772
.reloc 0x00115000 5,280 bytes 5,632 bytes 5.33 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ C62A52D81DE5A62E1CF7D718A2638091
.anadius 0x00117000 1,554 bytes 2,048 bytes 0.81 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 642E8D6F6F5F4627D699D5A15884BEDF
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 33 (125,873 bytes)
Resource Type Count Total Size Percentage
STR 18 50,759 bytes 40.3%
RT_ICON 12 73,271 bytes 58.2%
RT_GROUP_ICON 1 174 bytes 0.1%
RT_VERSION 1 800 bytes 0.6%
RT_MANIFEST 1 869 bytes 0.7%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

The expected hash does not match the digest in SpcInfo

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Trojan.Heur!.00052033 Removal

Gridinsoft has the capability to identify and eliminate Trojan.Heur!.00052033 without requiring further user intervention.


Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.
