DNF exe Trojan Heuristic File Malware Analysis: c25841fda15126cb46b2b4e4ceadbc2b
Gridinsoft Logo
File Icon

DNF.exe Trojan Heuristic Analysis

Updated 3 days ago
Checked by Malware Check
DNF.exe

Technical Analysis

File Name DNF.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.231.174
Database Version 2026-01-05 13:00:34 UTC

Trojan.Heur!.03810021

Malware family: Heuristic

Heuristic detection uses behavioral analysis and pattern recognition to identify potential threats without specific signatures. This proactive approach detects suspicious code behavior that may indicate malware presence. Detection may occasionally produce false positives when legitimate software exhibits similar behavioral patterns.
N/A
Detection Rate
66,056,192
File Size (bytes)
2026-01-05
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
c25841fda15126cb46b2b4e4ceadbc2b
SHA1
e0380458be3f350a97585ba64b1ea78f716fec1e
SHA256
22772f28c768f4512a44ad8a228519417653e4309534c5c84de69cc860d8878a
SHA512
6d81245dcdbf54da5ae7ad51c0fa809486ac7e56a051e811ae009a11946fb5c1183417f5167ddc68891051de0180936f36f9ec81e59cb0097eb982ba9d01f5b1
ImpHash
70d098525c9fff353b8769f8d0c9a2cd

PE Analysis

Basic Information

Icon
Hash: bd1a84fed8ba4be96e388cf5fe225157
Fuzzy: 62698108436299202e8000205aebebd5
dHash: 6331d16c5ccc8f87
Image Base 0x00400000
Entry Point 0x013d597a
Compilation Time 2013-06-21 03:48:07
Checksum 0x03f0a023 (Actual: 0x03f0a023)
OS Version 5.1
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 27 libraries
Exports 0 functions
Resources 18 Resources
Sections 19 Sections

Version Information

CompanyName neople
FileDescription Dungeon & Fighter
FileVersion 1.180.2.1
InternalName DNF
LegalCopyright Copyright (c) - 2005
OriginalFilename DNF.exe
ProductName Dungeon & Fighter
ProductVersion 1.0.0.0
Translation 0x0412 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
nsn 0x00001000 18,141,126 bytes 18,141,126 bytes 6.66 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 9734D367E198453A5BA8A65F49ADBFCA
nsn 0x0114e000 4,699,548 bytes 4,699,548 bytes 6.31 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE B7228A563DEF3051D80431559DCCAC69
nsn 0x015ca000 3,979,896 bytes 3,979,896 bytes 0.35 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4E9BC8316F98E58BCDB6C6B9B24CD766
nsn 0x01996000 206,969 bytes 206,969 bytes 0.00 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0CFE6152D79EA9AD77A37CDDD0D0C1D3
nsn 0x019c9000 3,234,608 bytes 3,234,608 bytes 7.65 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE B2E80DE5FD7D17448BC255909027CB8C
nsn 0x01cdf000 65,536 bytes 65,536 bytes 0.51 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 34648DF11476EC012839FFF33F0FB7A2
nsn 0x01cef000 434,176 bytes 434,176 bytes 6.45 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 57522E1C0BFFCB307F27470AF51AAAFB
nsn 0x01d59000 8,278,016 bytes 8,278,016 bytes 7.26 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE F58497A7337E65452E34FD5A59B9D08E
. fO 0x0253e000 3,234,580 bytes 3,234,580 bytes 7.93 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ B34582822ACC4480898541011AA065B6
nsn 0x02854000 17,050 bytes 17,050 bytes 6.57 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41B5F6375E8322CDA4FE67E5F250684
nsn 0x02859000 108 bytes 108 bytes 4.89 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 433416890276646966A3E31758F69AF1
nsn 0x0285a000 17,195,008 bytes 17,195,008 bytes 7.57 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE B427826EFADA6930FA7B1D40E1F32E76
.vmp0 0x038c0000 53,067 bytes 53,067 bytes 6.87 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ DBF3250FB4C1F8FA8D47E5C8F8210340
.sjq 0x038cd000 396 bytes 396 bytes 7.44 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A14FA18C4A967DFD99DCF9299447889C
.mackt 0x038ce000 12,288 bytes 12,288 bytes 5.54 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 1903A655CEBFF612DB4705777B699120
.>+i 0x038d1000 3,234,580 bytes 3,235,840 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D1E834065C2DE14045A95F85D011FD88
.new 0x03be7000 62,812,160 bytes 4,096 bytes 0.73 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 7871C34E8E674825CB6D8440D4F12239
.54~ 0x077ce000 2,480 bytes 4,096 bytes 5.67 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 44BEF72CD9C883B33648AB6E3E034F67
.rsrc 0x077cf000 3,234,580 bytes 3,235,840 bytes 7.82 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ BB9D28421FF9D3182B1E6372FC622A26
Entropy Analysis Alert

5 section(s) with high entropy (≥7.5) detected - possible packing/encryption

5 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 18 (3,233,557 bytes)
Resource Type Count Total Size Percentage
FILE 6 2,889,148 bytes
89.3%
HSH 6 58,247 bytes
1.8%
RT_ICON 4 285,408 bytes
8.8%
RT_GROUP_ICON 1 62 bytes
0%
RT_VERSION 1 692 bytes
0%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Trojan.Heur!.03810021 Removal

Gridinsoft has the capability to identify and eliminate Trojan.Heur!.03810021 without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware