The firenet exe exe File Malware Analysis
Gridinsoft Logo

The firenet.exe.exe File Analysis

Updated 6 days ago
Checked by Malware Check
firenet.exe.exe

Technical Analysis

File Name firenet.exe.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
3072:bSw2kiXFTu0M24vLyWZ5D26QuC/tRX+xwIw5USxjRRtCpbXMNCieElD9:uwlSoTzytRX+x/2USxjRRtVNCS
Scanner Version 1.0.223.174
Database Version 2025-08-28 06:00:43 UTC

Suspicious File Detected

Detected by 53 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
74%
Detection Rate
197,120
File Size (bytes)
53/72
Engines Detected
2025-08-28
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
aff63859bcba868dae26599a0bfb836d
SHA1
9efedbc3b725e1a0fda3292d1a6dc495e3207cd2
SHA256
1d22922c1dce1991cc83188be0037a262e50f949218c223aac82b3462fba29c3
SHA512
8bbb98fa7199a6fc1ec15edde72267fa2ae41ef1cec38d5e3f38ccb4e32ffa7b2ef3ac44f7d7413ceea58fb57d1350a4c2131ee61058775a81929d05acf71744
ImpHash
380be5a77e3ee0229dfae826e9b129bf

Security Engines with Detections (53 of 72)

Bkav
W32.AIDetectMalware Malicious
Elastic
malicious (high confidence) Malicious
ClamAV
Win.Trojan.Seleya-4 Malicious
Skyhigh
BehavesLike.Win32.Backdoor.ch Malicious
ALYac
Backdoor.Gbot.G Malicious
Cylance
Unsafe Malicious
Sangfor
Trojan.Win32.Save.a Malicious
CrowdStrike
win/malicious_confidence_100% (D) Malicious
VirIT
Trojan.Win32.SHeur3.BVFL Malicious
Symantec
ML.Attribute.HighConfidence Malicious
ESET-NOD32
Win32/Seleya.A Malicious
APEX
Malicious Malicious
Cynet
Malicious (score: 100) Malicious
Kaspersky
Trojan.Win32.Swisyn.bezg Malicious
BitDefender
Backdoor.Gbot.G Malicious
NANO-Antivirus
Trojan.Win32.Swisyn.crpie Malicious
MicroWorld-eScan
Backdoor.Gbot.G Malicious
Avast
Win32:Delf-PPL [Trj] Malicious
Rising
Trojan.Seleya!8.C9A (TFE:4:PHfNSuPYxIQ) Malicious
Emsisoft
Backdoor.Gbot.G (B) Malicious
F-Secure
Trojan.TR/Dldr.Delphi.Gen Malicious
DrWeb
Trojan.DownLoad2.32694 Malicious
VIPRE
Backdoor.Gbot.G Malicious
McAfeeD
ti!1D22922C1DCE Malicious
CTX
exe.backdoor.generic Malicious
Sophos
ML/PE-A Malicious
Ikarus
Trojan.Win32.Seleya Malicious
GData
Backdoor.Gbot.G Malicious
Jiangmin
Trojan/Generic.embb Malicious
Webroot
W32.Trojan.Swisyn Malicious
Varist
W32/Delfloader.B.gen!Eldorado Malicious
Avira
TR/Dldr.Delphi.Gen Malicious
Antiy-AVL
Trojan/Win32.Swisyn Malicious
Xcitium
TrojWare.Win32.TrojanDownloader.Delf.gen@1xqow5 Malicious
Arcabit
Backdoor.Gbot.G Malicious
ViRobot
Trojan.Win32.Swisyn.197120 Malicious
ZoneAlarm
Mal/Backdr-S Malicious
Microsoft
Trojan:Win32/Seleya.A Malicious
Google
Detected Malicious
AhnLab-V3
Trojan/Win32.Swisyn.R11964 Malicious
VBA32
Trojan-Downloader.Revelation.Tibs.B Malicious
TACHYON
Trojan/W32.DP-Swisyn.197120.B Malicious
Panda
Generic Malware Malicious
TrendMicro-HouseCall
Trojan.Win32.VSX.PE04C9j Malicious
Tencent
Malware.Win32.Gencirc.114cb433 Malicious
Yandex
Trojan.GenAsa!0o/72hZtKM4 Malicious
TrellixENS
GenericR-DLK!AFF63859BCBA Malicious
SentinelOne
Static AI - Malicious PE Malicious
MaxSecure
Trojan.Malware.2046850.susgen Malicious
Fortinet
W32/Seleya.AAA!tr Malicious
AVG
Win32:Delf-PPL [Trj] Malicious
DeepInstinct
MALICIOUS Malicious
alibabacloud
Trojan[downloader]:Win/Seleya.fd73fe48 Malicious
19 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x00400000
Entry Point 0x00429f70
Compilation Time 1992-06-19 22:22:17
Checksum 0x00000000 (Actual: 0x0003afa9)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 9 libraries
kernel32, user32, advapi32, oleaut32, ADVAPI32, shell32, URLMON, wsock32, ICMP
Exports 0 functions
Resources 9 Resources
Sections 8 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
CODE 0x00001000 169,236 bytes 169,472 bytes 6.48 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ BE78606987550A935A8ED6982E23CF0E
DATA 0x0002b000 2,656 bytes 3,072 bytes 3.59 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5D44BBA6402C6F6EFC73A05F464C379A
BSS 0x0002c000 3,013 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.idata 0x0002d000 4,262 bytes 4,608 bytes 4.62 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 156AF25DE0B945031292E46A3E0AA852
.tls 0x0002f000 12 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rdata 0x00030000 24 bytes 512 bytes 0.19 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 42C1A96ACB9D2DA109DDAE784D56B723
.reloc 0x00031000 12,504 bytes 12,800 bytes 6.68 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 71608E41795D5E7FD39D7003B031ECD1
.rsrc 0x00035000 5,632 bytes 5,632 bytes 3.47 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 65EC101287F41123DC64C5606ADB100B
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 9 (4,656 bytes)
Resource Type Count Total Size Percentage
RT_STRING 7 4,216 bytes
90.5%
RT_RCDATA 2 440 bytes
9.5%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
53 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware
An unexpected error occurred. Please try again later.