Gridinsoft Logo
File Icon

The Launcher for GoodbyeDPI.exe (Launcher for GoodbyeDPI) File Analysis

Updated 10 months ago
Checked by Malware Check
Launcher for GoodbyeDPI.exe

Technical Analysis

File Name Launcher for GoodbyeDPI.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
49152:5ygKoSR3qT10OHUPSH5sZEyDf07z4mYQXfbqSdeVijzuqwTVSv7plJFSP25J:o/oGjOHUPSH5sZEyDf07z4mYQXfbqSdZ
Scanner Version 1.0.183.174
Database Version 2024-07-31 23:00:29 UTC

Suspicious File Detected

Detected by 37 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
50%
Detection Rate
1,656,312
File Size (bytes)
37/74
Engines Detected
2024-07-31
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
74d8f35dcc50a83fbe7b6e5d0f9becc2
SHA1
17968a2f61f171d4ae39a712bda8db26cb9f719a
SHA256
2161d5eb2cff54b0aa4016c48d7bd17eed801ed86709658427ab07c6e079b9e8
SHA512
303d58c2892e1fca62e8344f3720965cc3dc0eb9bd16bf85d1aff4a396cf669b2a71ae3f431bd563e146069733a3c6b856e3b8546fccba724e980015515137f7
ImpHash
0081b856f019f6a623da60e54c1f69dd

Security Engines with Detections (37 of 74)

Bkav
W32.AIDetectMalware Malicious
Lionic
Trojan.Win32.GoodbyeDPI.4!c Malicious
AVG
Win32:MalwareX-gen [Trj] Malicious
Elastic
malicious (high confidence) Malicious
MicroWorld-eScan
Trojan.GenericKD.73510612 Malicious
Skyhigh
Artemis!Trojan Malicious
ALYac
Trojan.GenericKD.73510612 Malicious
Cylance
Unsafe Malicious
Zillya
Trojan.GoodbyeDPIAGen.Win32.38 Malicious
Sangfor
PUP.Win32.Goodbyedpi.V4lh Malicious
K7AntiVirus
Unwanted-Program ( 005a3f421 ) Malicious
K7GW
Unwanted-Program ( 005a3f421 ) Malicious
Symantec
ML.Attribute.HighConfidence Malicious
ESET-NOD32
a variant of Win32/GoodbyeDPI_AGen.A potentially unsafe Malicious
Paloalto
generic.ml Malicious
BitDefender
Trojan.GenericKD.73510612 Malicious
Avast
Win32:MalwareX-gen [Trj] Malicious
Rising
Trojan.Starter!1.9F6D (CLASSIC) Malicious
Emsisoft
Trojan.GenericKD.73510612 (B) Malicious
VIPRE
Trojan.GenericKD.73510612 Malicious
McAfeeD
ti!2161D5EB2CFF Malicious
Trapmine
malicious.moderate.ml.score Malicious
FireEye
Generic.mg.74d8f35dcc50a83f Malicious
Sophos
Generic Reputation PUA (PUA) Malicious
Varist
W32/ABTrojan.QFCW-0348 Malicious
Antiy-AVL
RiskWare/Win32.GoodbyeDPI Malicious
Microsoft
PUA:Win32/Packunwan Malicious
GData
Trojan.GenericKD.73510612 Malicious
Google
Detected Malicious
AhnLab-V3
Malware/Win.Generic.R658459 Malicious
McAfee
Artemis!74D8F35DCC50 Malicious
Malwarebytes
RiskWare.PacketInspector Malicious
Panda
Trj/Chgt.AD Malicious
TrendMicro-HouseCall
TROJ_GEN.R002H09GK24 Malicious
Fortinet
Riskware/GoodbyeDPI_AGen Malicious
DeepInstinct
MALICIOUS Malicious
alibabacloud
Trojan:Win/GoodbyeDPI_AGen.A Malicious
37 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 2167708234cebe062c761f2795092529
Fuzzy: 5aa3749d3c596458fda7cae7ff04539b
dHash: f0c886b3339e6c70
Image Base 0x00400000
Entry Point 0x004073c8
Compilation Time 2024-07-16 08:49:42
Checksum 0x0019601d (Actual: 0x001984bc)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature Chain verification from CN=TOPERSOFT® (serial:1146421791, sha1:bc98f01fbf8072470151b0a9879a83c693b02ed5) failed: Unable to build a validation path for the certificate "Common Name: TOPERSOFT®" - no issuer matching "Common Name: VeriSign Class 3 Code Signing 2009-2 CA" was found
Imports 1 libraries
MSVBVM60
Exports 0 functions
Resources 7 Resources
Sections 3 Sections

Version Information

Translation 0x0409 0x04b0
Comments This Program is Free!
CompanyName https://topersoft.com
FileDescription Launcher for GoodbyeDPI
LegalCopyright Program by TOPER © 2024
LegalTrademarks TOPERSOFT © 2017-2024
ProductName Launcher for GoodbyeDPI
FileVersion 7.08
ProductVersion 7.08
InternalName Launcher for GoodbyeDPI
OriginalFilename Launcher for GoodbyeDPI.exe

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 1,616,224 bytes 1,617,920 bytes 6.67 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 763B363127E70D37E867BCA62F79099F
.data 0x0018c000 20,376 bytes 4,096 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 620F0B67A91F7F74151BC5BE745B7110
.rsrc 0x00191000 22,424 bytes 24,576 bytes 5.80 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F11FBB46654ADA91D2FC4F14202CB313
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 7 (21,969 bytes)
Resource Type Count Total Size Percentage
RT_ICON 4 20,017 bytes
91.1%
RT_GROUP_ICON 1 62 bytes
0.3%
RT_VERSION 1 968 bytes
4.4%
RT_MANIFEST 1 922 bytes
4.2%

Certificate Chain Analysis

Certificate Information
Product Launcher for GoodbyeDPI
Description Launcher for GoodbyeDPI
File Version 7.08
Original Name Launcher for GoodbyeDPI.exe
Verification Status A certificate chain could not be built to a trusted root authority.
Internal Name Launcher for GoodbyeDPI
Copyright Program by TOPER © 2024
Certificate Chain Summary
\x00T\x00O\x00P\x00E\x00R\x00S\x00O\x00F\x00T\x00\xae #1 Primary
Validity Period: 2024-07-16 08:49:05 → 2025-07-16 08:49:04
Signature Algorithm: 1.3.14.3.2.29
Serial Number: 44 55 02 1F
Sectigo RSA Time Stamping CA #2 Chain
Validity Period: 2019-05-02 00:00:00 → 2038-01-18 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 30 0F 6F AC DD 66 98 74 7C A9 46 36 A7 78 2D B9
Sectigo RSA Time Stamping Signer #4 #3 Chain
Validity Period: 2023-05-03 00:00:00 → 2034-08-02 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 39 4C 25 E1 7C A0 6D 27 A8 65 E2 3B D9 1D 22 D4

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

Chain verification from CN=TOPERSOFT® (serial:1146421791, sha1:bc98f01fbf8072470151b0a9879a83c693b02ed5) failed: Unable to build a validation path for the certificate "Common Name: TOPERSOFT®" - no issuer matching "Common Name: VeriSign Class 3 Code Signing 2009-2 CA" was found

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
37 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware