| File Name | Bloxorz.exe |
| File Type |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| Scanner Version | 1.0.219.174 |
| Database Version | 2025-07-05 17:00:29 UTC |
No threats detected by our scanner
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
e950881ec31e435d35068520df86f2c5
|
|
| SHA1 |
f7dbb735e6f19ca7480fbb4de1f0ceff39a54911
|
|
| SHA256 |
24ffec11cc9604382484994a9793326c65b5e710e98d30bbc3a18dd770287f43
|
|
| SHA512 |
0d9d273de1d4617e99a12a5b1ebf6427343e6ded37e5ddc0d89e24ee593fd409439f2d746dd907f85664cbb049ec7d820f189cda2eeb07b1a00bd2750f893617
|
|
| ImpHash |
d5131f30e8098c8827e52660ffe59dd3
|
| Icon |
Hash: e17d9310715652a4b53153ddbbede2b8
Fuzzy: eec7a79a3dff00d3eed7d4dd8771032e dHash: f03dc39290e1e698 |
| Image Base | 0x00400000 |
| Entry Point | 0x009fbbab |
| Compilation Time | 2012-09-29 11:31:08 |
| Checksum | 0x00a8d403 (Actual: 0x00a8d403) |
| OS Version | 5.0 |
| PEiD Signatures |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| PDB Path | FlashPlayer.pdb |
| Digital Signature | No valid SignedData structure was found. |
| Imports | 16 libraries |
| Exports | 1 functions |
| Resources | 116 Resources |
| Sections | 7 Sections |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
6,753,173 bytes | 6,753,280 bytes | 6.81 (Compressed) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
703F4348E8F01184B197D00104C6253F |
.rodata |
0x00672000 |
4,320 bytes | 4,608 bytes | 4.17 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
F9B675A1BD0FBF9EB19F171F153BF909 |
.rdata |
0x00674000 |
1,234,503 bytes | 1,234,944 bytes | 6.70 (Compressed) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
65835DF5BA31DABE3C7A6C7F72AE0A49 |
.data |
0x007a2000 |
1,224,104 bytes | 282,624 bytes | 6.07 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
84AFF6A64D71E5FC52843E1025ADEB3F |
.rodata |
0x008cd000 |
1,184 bytes | 1,536 bytes | 4.82 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
434F064A79169B10BCE9F9048ECACDFC |
.rsrc |
0x008ce000 |
258,658 bytes | 259,072 bytes | 6.35 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
F8EC6FB6B31D087FA1429562FF567DFD |
.reloc |
0x0090e000 |
290,778 bytes | 290,816 bytes | 5.57 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
C9C9607B3EAAB543103D057620626E1C |
2 section(s) with elevated entropy (≥6.5) - possible compression
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_CURSOR | 5 | 1,284 bytes | |
| RT_ICON | 36 | 229,400 bytes | |
| RT_STRING | 64 | 22,398 bytes | |
| RT_ACCELERATOR | 1 | 112 bytes | |
| RT_GROUP_CURSOR | 3 | 88 bytes | |
| RT_GROUP_ICON | 6 | 540 bytes | |
| RT_MANIFEST | 1 | 474 bytes |
00E3 6C 8E 30 AD CB 0F 9279 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A44D 4A A1 FD F2 6F 9F 33 53 D6 26 14 ED A6 62 37✓ This file has been digitally signed and the certificate chain has been verified
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:
Download Anti-MalwareThis file appears clean, but regular security maintenance is important
