Gridinsoft Logo
File Icon

The Launcher.exe File Analysis

Updated 7 hours ago
Checked by Malaware Check
Launcher.exe

Technical Analysis

File Name Launcher.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (console) x86-64, for MS Windows
SSDEEP Hash
3072:KPJ7NhSPWKGS59QKmGRipT1/Rp3UNyI/v7FeRgPGW4IVg:ZGfmcRp3UNy4ZeRgPGLIVg
Scanner Version 1.0.217.174
Database Version 2025-06-05 04:00:44 UTC

Suspicious File Detected

Detected by 48 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
68%
Detection Rate
291,328
File Size (bytes)
48/71
Engines Detected
2025-06-05
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
9ef9eb060afcdd1302d2f2aa2fdc898e
SHA1
f1d4aa7122bc8c1cc53029219902c634a1fcda56
SHA256
35d1e012ecfb69188b93a2bf7f66c7d9c6bad42d02b39ae446234737989435c1
SHA512
0e14acc76fd406345a237d349642a1b210380569a944a051827fbdbf1020ad7534f6ef45419e1cf2f683ac18cf600161b32a8e6d4d352d45f3ed9a841cc2b7a8
ImpHash
841e39d4dbb2a544f9ca96369f6c9ba2

Security Engines with Detections (48 of 71)

Bkav
W64.AIDetectMalware Malicious
Lionic
Trojan.Win32.ShellcodeRunner.4!c Malicious
Elastic
malicious (high confidence) Malicious
MicroWorld-eScan
Gen:Variant.Tedy.751973 Malicious
CTX
exe.trojan.shellcoderunner Malicious
CAT-QuickHeal
Trojan.Ghanarava.1748355352dc898e Malicious
Skyhigh
Artemis!Trojan Malicious
ALYac
Gen:Variant.Tedy.751973 Malicious
Cylance
Unsafe Malicious
Zillya
Trojan.ShellcodeRunner.Win64.7081 Malicious
K7AntiVirus
Trojan ( 00595ee81 ) Malicious
K7GW
Trojan ( 00595ee81 ) Malicious
CrowdStrike
win/malicious_confidence_70% (W) Malicious
huorong
Trojan/ShellLoader.df Malicious
Symantec
ML.Attribute.HighConfidence Malicious
ESET-NOD32
a variant of Win64/ShellcodeRunner.AO Malicious
TrendMicro-HouseCall
TROJ_GEN.R002C0DE725 Malicious
Paloalto
generic.ml Malicious
BitDefender
Gen:Variant.Tedy.751973 Malicious
Avast
Win64:MalwareX-gen [Misc] Malicious
Tencent
Malware.Win32.Gencirc.10c3ac97 Malicious
Emsisoft
Gen:Variant.Tedy.751973 (B) Malicious
F-Secure
Trojan.TR/Redcap.lbxte Malicious
DrWeb
Trojan.Hosts.52503 Malicious
VIPRE
Gen:Variant.Tedy.751973 Malicious
TrendMicro
TROJ_GEN.R002C0DE725 Malicious
McAfeeD
ti!35D1E012ECFB Malicious
Trapmine
suspicious.low.ml.score Malicious
Sophos
Mal/Generic-S Malicious
Ikarus
Trojan.Win64.Shellcoderunner Malicious
Google
Detected Malicious
Avira
TR/Redcap.lbxte Malicious
Varist
W64/ABTrojan.ISAM-6542 Malicious
Antiy-AVL
Trojan/Win64.Tedy Malicious
Microsoft
Trojan:Win64/Tedy.A!MTB Malicious
Arcabit
Trojan.Tedy.DB7965 Malicious
GData
Gen:Variant.Tedy.751973 Malicious
Cynet
Malicious (score: 99) Malicious
AhnLab-V3
Trojan/Win.Tedy.C5747935 Malicious
Malwarebytes
Malware.AI.4135932832 Malicious
Panda
Trj/GdSda.A Malicious
Rising
Trojan.ShellCodeRunner!1.12A28 (CLASSIC) Malicious
TrellixENS
Artemis!9EF9EB060AFC Malicious
MaxSecure
Trojan.Malware.347680806.susgen Malicious
Fortinet
W64/ShellcodeRunner.AO!tr Malicious
AVG
Win64:MalwareX-gen [Misc] Malicious
DeepInstinct
MALICIOUS Malicious
alibabacloud
Trojan:Win/Tedy.A9OKG Malicious
23 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 1351596857b4dc5e29c5c8dc275ea53a
Fuzzy: 471520e7e8ae089a539c507eb7e8431f
dHash: 88e8d4f8e4f468ac
Image Base 0x140000000
Entry Point 0x14000ef10
Compilation Time 2025-04-30 14:40:50
Checksum 0x00000000 (Actual: 0x0004fa4b)
OS Version 6.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
PDB Path D:\Projects\_MODDING\Wuthering Waves\Blackshores\x64\Launcher.pdb
Digital Signature No valid SignedData structure was found.
Imports 14 libraries
Exports 0 functions
Resources 11 Resources
Sections 6 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 63,199 bytes 63,488 bytes 6.18 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 58D7278C5D086D9B97B3D889637C4940
.rdata 0x00011000 38,276 bytes 38,400 bytes 5.47 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 54914D890C80F607B69E5DB496180ED6
.data 0x0001b000 3,512 bytes 2,048 bytes 4.07 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BA09EA3274B0C60FD5030684F7D82BA1
.pdata 0x0001c000 3,780 bytes 4,096 bytes 4.68 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A6FFEC5373E9FE57C8C4311C3CCB686B
.rsrc 0x0001d000 181,760 bytes 181,760 bytes 3.35 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 8820D9B0322B48B992CF08FC02682595
.reloc 0x0004a000 296 bytes 512 bytes 3.60 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ E01B56BEFA45D57FF90A96A87A253553

Resource Analysis

Total Resources: 11 (181,130 bytes)
Resource Type Count Total Size Percentage
RT_ICON 9 180,606 bytes
99.7%
RT_GROUP_ICON 1 132 bytes
0.1%
RT_MANIFEST 1 392 bytes
0.2%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
48 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware