Crack.exe PUP Gen Analysis

Technical Analysis

File Name: Crack.exe
File Type: PE32+ executable (console) x86-64, for MS Windows
Scanner Version: 1.0.169.174
Database Version: 2024-03-16 19:00:21 UTC

PUP.Win64.Gen.cld

Malware family: Gen

This is a generic detection identifier for files exhibiting Trojan horse characteristics. It indicates malware that disguises itself as legitimate software while containing malicious code designed to compromise system security or steal information.

Detection Rate: N/A
File Size (bytes): 520,192
Analysis Date: 2024-03-16

File Identification

MD5: 41648e9e868ded8570780a94beb70375
SHA1: 589ed96f37c20afb2c900ec9a6f6d0e69b6b9d89
SHA256: 34c7a0c693973777ac09d8ddaffbfdb6502eb9f3c62182e4be0a43f6cd066ce6
SHA512: 26464996c4dcd6962f1b5cbfec50d6b9ccdad2bd9a1c8b4f3b654a6843445825ebbc9fac1b225bd390b2c63a90bdfe650d7a15a9589af05260d9df6fdc100473
ImpHash: 3638b4cf52c44cf0471b695a964be64b

PE Analysis

Basic Information

Image Base: 0x140000000
Entry Point: 0x140006388
Compilation Time: 2022-02-08 01:37:54
Checksum: 0x00000000 (Actual: 0x00083657)
OS Version: 6.0
PEiD Signatures: PE32+ executable (console) x86-64, for MS Windows
PDB Path: C:\Users\1.Kla$\source\repos\Crack_Manager\x64\Release\Pak_Manager.pdb
Digital Signature: The PE file does not contain a certificate table.
Imports: 9 libraries (KERNEL32, MSVCP140, VCRUNTIME140_1, VCRUNTIME140, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-locale-l1-1-0, api-ms-win-crt-math-l1-1-0)
Exports: 0 functions
Resources: 1
Sections: 6

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 25,305 bytes 25,600 bytes 6.22 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ D84D3BCC5205796677C2D115154B7C8F
.rdata 0x00008000 12,620 bytes 12,800 bytes 4.54 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F646CE7A8AB34ADD23825EA88F31CE26
.data 0x0000c000 479,824 bytes 477,696 bytes 7.98 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 58E94E2DD792E45843FF0D2AF270BF5E
.pdata 0x00082000 1,992 bytes 2,048 bytes 4.38 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 1ABA08A7CA7C3EA42ABC124389CF1E71
.rsrc 0x00083000 488 bytes 512 bytes 4.77 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ C4AA098DC947875FF59776D7B9DC1527
.reloc 0x00084000 168 bytes 512 bytes 2.28 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 52CCA2290B04C4837987F9D692B436D6

Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 1 (392 bytes)
Resource Type Count Total Size Percentage
RT_MANIFEST 1 392 bytes 100%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

PUP.Win64.Gen.cld Removal

Gridinsoft has the capability to identify and eliminate PUP.Win64.Gen.cld without requiring further user intervention.

Removal Instructions

Follow these steps to completely remove the threat from your system:

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.
