| File Name | Vertan.exe |
| File Type |
PE32+ executable (GUI) x86-64, for MS Windows
|
| Scanner Version | 1.0.228.174 |
| Database Version | 2025-10-28 00:00:18 UTC |
No threats detected by our scanner
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
2d771a51b586c52f667e6a99059eb9dc
|
|
| SHA1 |
167c5289b96f4b7f77b094d75d5abd7a99b6416c
|
|
| SHA256 |
1afa066e217057ade7329ce933add7eaa54dd0d74eb76590c0f9544330d2d9e9
|
|
| SHA512 |
f47ac5a7a2cf338d3a5b45c05e5888d009ea23f45452a52755462acb4c335a130aa8be1b6a25bcac72defffd98c16254b014471009dc211eaaf31788ac35168f
|
|
| ImpHash |
ace2fbb8cccd27dbddddbd741133972e
|
| Icon |
Hash: 0ff6d5fcea34334418bbba83421c7500
Fuzzy: 87f00781c833cffc5c824f76f682afdd dHash: 8c3cfca49cfe3c8c |
| Image Base | 0x00400000 |
| Entry Point | 0x00cbaa50 |
| Compilation Time | 2023-03-03 17:53:41 |
| Checksum | 0x00d10170 (Actual: 0x00d10170) |
| OS Version | 6.0 |
| PEiD Signatures |
PE32+ executable (GUI) x86-64, for MS Windows
|
| Digital Signature | OK |
| Imports | 14 libraries |
| Exports | 3 functions |
| Resources | 73 Resources |
| Sections | 11 Sections |
| FileVersion | 1.0.0.0 |
| ProductVersion | 1.0.0.0 |
| ProgramID | com.embarcadero.ezwHookpp |
| FileDescription | ezwHookpp |
| ProductName | ezwHookpp |
| Translation | 0x0409 0x04e4 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
9,246,592 bytes | 9,246,720 bytes | 5.76 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
98A4A7E88EAA9BB5CE436AD7CFECFD3C |
.data |
0x008d3000 |
780,272 bytes | 780,288 bytes | 4.98 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
44840584147DFA87AECA86D27D7FD8BD |
.bss |
0x00992000 |
138,164 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.idata |
0x009b4000 |
19,604 bytes | 19,968 bytes | 4.26 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
38F118F42ED19EC9E1E858041A3F425E |
.didata |
0x009b9000 |
38,210 bytes | 38,400 bytes | 3.97 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
2BC6AC39F7250A96D7ACB6C33BB53F4C |
.edata |
0x009c3000 |
158 bytes | 512 bytes | 1.98 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
E1D6D96965AD24995424427EF7E46900 |
.tls |
0x009c4000 |
640 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.rdata |
0x009c5000 |
109 bytes | 512 bytes | 1.39 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
29275F4A6DBD7B0C2D5FAB425126BB59 |
.reloc |
0x009c6000 |
482,600 bytes | 482,816 bytes | 6.44 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
817B36D6EFD7EEDB749F540219C678B4 |
.pdata |
0x00a3c000 |
467,436 bytes | 467,456 bytes | 6.50 (Compressed) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
DA57B1E694C823F792CCAB9892EF13DB |
.rsrc |
0x00aaf000 |
2,607,616 bytes | 2,607,616 bytes | 6.45 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
DB2AA11682252F0F02008F05F69C4FA4 |
1 section(s) with elevated entropy (≥6.5) - possible compression
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_CURSOR | 11 | 3,388 bytes | |
| RT_ICON | 2 | 19,969 bytes | |
| RT_STRING | 35 | 31,436 bytes | |
| RT_RCDATA | 11 | 2,545,974 bytes | |
| RT_GROUP_CURSOR | 11 | 220 bytes | |
| RT_GROUP_ICON | 1 | 34 bytes | |
| RT_VERSION | 1 | 512 bytes | |
| RT_MANIFEST | 1 | 1,801 bytes |
| Product | ezwHookpp |
| Description | ezwHookpp |
| File Version | 1.0.0.0 |
| Signing Date | 05:59 PM 03/03/2023 (1043 days ago) |
| Verification Status | Signed |
| Signers | Softouch Development, Inc.; Sectigo Public Code Signing CA R36; Sectigo Public Code Signing Root R46; Sectigo (AAA) |
| Counter Signers | Sectigo RSA Time Stamping Signer #3; Sectigo RSA Time Stamping CA; Sectigo |
48 FC 93 B4 60 55 94 8D 36 A7 C9 8A 89 D6 94 1662 1D 6D 0C 52 01 9E 3B 90 79 15 20 89 21 1C 0AF7 0E D8 BE 4E BA BB 6A 75 A8 0F B1 17 8B 7C A230 0F 6F AC DD 66 98 74 7C A9 46 36 A7 78 2D B990 39 7F 9A D2 4A 3A 13 F2 BD 91 5F 08 38 A9 43✓ This file has been digitally signed and the certificate chain has been verified
OK
Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:
Download Anti-MalwareThis file appears clean, but regular security maintenance is important
Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware
Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!
