The File.exe (StarWind V2V Converter) File Analysis

Technical Analysis

File Name File.exe
File Type Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
SSDEEP Hash 98304:0t/FdPD5eGE9dGs16jeSp7HmFu+eA2NjWbD5F1urlkv:C5ex26eTazeACUDtv
Scanner Version 1.0.147.174
Database Version 2023-11-12 07:00:48 UTC

Suspicious File Detected

Detected by 9 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
Detection Rate 13%
File Size (bytes) 6,193,672
Engines Detected 9/72
Analysis Date 2023-11-12

File Identification

Hash Type Value
MD5 df0296ba47574933357b2ce3fb263ab3
SHA1 fccf05ff18296984f8a5e0c421de43dc588c527b
SHA256 1e6773fd392467f31f89f60e5a301f2a439d88a9d4083bedcf1f090b8f7ed7f8
SHA512 26efdfd605650a5c6300ffc3da5c3f0174c5ff9062114fdfdca7f01f0703c981ab30c231ce4e5a668054bd0846a6defb9aabe07cd21a7885176114ae348d6258
ImpHash f34d5f2d4577ed6d9ceec516c1f5a744

Security Engines with Detections (9 of 72)

Engine Detection Name Verdict
Cybereason malicious.f18296 Malicious
Elastic malicious (moderate confidence) Malicious
Cynet Malicious (score: 100) Malicious
Kaspersky UDS:Trojan.MSIL.Scar.gen Malicious
Microsoft Program:Win32/Wacapew.C!ml Malicious
ZoneAlarm UDS:Trojan.MSIL.Scar.gen Malicious
Google Detected Malicious
Ikarus Trojan-Spy.Win32.Agent Malicious
Fortinet MSIL/Kryptik.AKAG!tr Malicious
63 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: bf0fad3fc433b0a25f852cdbad026d51
Fuzzy: d028eff9e78b3862e86ede42c8db305a
dHash: d4e4fcccfcb48888
Image Base 0x00400000
Entry Point 0x00932e8e
Compilation Time 2082-05-11 22:44:12
Checksum 0x005f258b (Actual: 0x005f05b1)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
PDB Path playmod_rave_energy.pdb
Digital Signature The expected hash does not match the digest in SpcInfo
Imports 1 library (mscoree)
Exports 0 functions
Resources 136 Resources
Sections 4 Sections

Digital Signatures

DigiCert Assured ID Root CA DigiCert Inc (US)
DigiCert SHA2 Assured ID Code Signing CA QlikTech International AB (SE)
DigiCert Assured ID CA-1 DigiCert (US)
DigiCert Assured ID Root CA DigiCert Inc (US)

Version Information

CompanyName StarWind Software
FileDescription StarWind V2V Converter
FileVersion 9,0,0,167
InternalName V2V_ConverterConsole.exe
OriginalFilename V2V_ConverterConsole.exe
LegalCopyright Copyright (C) 2009-2018. All rights reserved.
ProductName StarWind V2V Converter
ProductVersion 9.0.0.167
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00002000 5,443,220 bytes 5,443,584 bytes 7.80 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ B2BF0A6BBCFD9D78C637C8A2BB881D39
.sdata 0x00534000 548 bytes 1,024 bytes 4.35 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE F77646162928A3FB0159F0A5CEC0621D
.rsrc 0x00536000 726,658 bytes 727,040 bytes 3.14 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D3D0AAF7050925CABE2B59BB614F1C12
.reloc 0x005e8000 12 bytes 512 bytes 0.10 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 4A2864FAC18C468F5FAEC2309C3C7685

Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 136 (719,645 bytes)
Resource Type Count Total Size Percentage
AFX_DIALOG_LAYOUT 18 36 bytes 0%
XML 2 25,350 bytes 3.5%
RT_CURSOR 24 6,752 bytes 0.9%
RT_BITMAP 3 598,148 bytes 83.1%
RT_ICON 10 68,304 bytes 9.5%
RT_MENU 2 1,112 bytes 0.2%
RT_DIALOG 20 6,670 bytes 0.9%
RT_STRING 28 11,136 bytes 1.5%
RT_ACCELERATOR 1 104 bytes 0%
RT_GROUP_CURSOR 19 450 bytes 0.1%
RT_GROUP_ICON 6 176 bytes 0%
RT_VERSION 1 868 bytes 0.1%
RT_MANIFEST 1 501 bytes 0.1%
None 1 38 bytes 0%

Certificate Chain Analysis

Certificate #1
Subject DigiCert SHA2 Assured ID Code Signing CA, DigiCert Inc, US
Issuer DigiCert Assured ID Root CA
Serial Number 5364131601516814570659357524942475272
Certificate #2
Subject QlikTech International AB, QlikTech International AB, SE
Issuer DigiCert SHA2 Assured ID Code Signing CA
Serial Number 4351462707861435094622925424253412984
Certificate #3
Subject DigiCert Timestamp Responder, DigiCert, US
Issuer DigiCert Assured ID CA-1
Serial Number 3995999952007395326848486153846780006
Certificate #4
Subject DigiCert Assured ID CA-1, DigiCert Inc, US
Issuer DigiCert Assured ID Root CA
Serial Number 9294069684021802972772960878324333083

Certificate Verification Status

The expected hash does not match the digest in SpcInfo

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is the result of an online virus scanner

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection

9 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.
