The Launcher.exe File Analysis

Updated 1 day ago

Checked by Malaware Check

Launcher.exe

Technical Analysis

File Name	Launcher.exe
File Type	Win32 EXE
Magic Bytes	`PE32+ executable (console) x86-64, for MS Windows`
SSDEEP Hash	6144:uNYVLZ5gDGv9e9k7rhAUK2ZEqg0pRRLV7OYwYe18+Z8xgBSl:sIZWGv9p7FAUaq/pRdVNS7Zno
Scanner Version	1.0.217.174
Database Version	2025-06-04 04:00:34 UTC

⚠

Suspicious File Detected

Detected by 20 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

28%

Detection Rate

338,944

File Size (bytes)

20/72

Engines Detected

2025-06-04

Analysis Date

Scan Another File

File Identification

Hash Type	Value	Action
MD5	ded827f6d07bb44380d0c6c0d6d1986a
SHA1	3a6c5e51566c0c9a6f47b3fcf52c93e98052af47
SHA256	37b38626347fbf0a70994865f88df569419d9bdec0caf602f583b039e5fe7b1f
SHA512	b2d58b97fe9fd7976c7d2286c50f12b340f858581fe5154f0d7177d4156ee5f6dce6439852b157fd1d12e8592eb2d8fc92ea1291eb5319d5c1cbbc8881fe210e
ImpHash	f7eb3243c24cab57e89fd55563f6c8ab

Security Engines with Detections (20 of 72)

Bkav

W32.Common.28BB4372 Malicious

Lionic

Trojan.Win32.Generic.4!c Malicious

CAT-QuickHeal

Trojan.Ghanarava.1748607732d1986a Malicious

Skyhigh

BehavesLike.Win64.DistTrack.fh Malicious

Cylance

Unsafe Malicious

CrowdStrike

win/malicious_confidence_90% (W) Malicious

ESET-NOD32

Win64/HackTool.UWPDumper.B potentially unsafe Malicious

Paloalto

generic.ml Malicious

McAfeeD

ti!37B38626347F Malicious

Trapmine

malicious.moderate.ml.score Malicious

CTX

exe.hacktool.uwpdumper Malicious

Sophos

Generic Reputation PUA (PUA) Malicious

Varist

W64/ABApplication.JWBC-6852 Malicious

Microsoft

PUA:Win32/GameHack Malicious

Google

Detected Malicious

TrellixENS

Artemis!DED827F6D07B Malicious

MaxSecure

Trojan.Malware.300983.susgen Malicious

Fortinet

W32/PossibleThreat Malicious

DeepInstinct

MALICIOUS Malicious

alibabacloud

HackTool:Win/UWPDumper.B Malicious

52 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

▼

Icon	Hash: e27e49b5e08c2f09cd9dec6cdc996dda Fuzzy: 09453d01fde6534a0a3a504b32fcbb9a dHash: 70f0b28aa692d070
Image Base	`0x140000000`
Entry Point	`0x14000ddb0`
Compilation Time	2024-06-18 17:10:11
Checksum	0x00000000 (Actual: 0x000549bd)
OS Version	6.0
PEiD Signatures	`PE32+ executable (console) x86-64, for MS Windows`
Digital Signature	No valid SignedData structure was found.
Imports	3 libraries KERNEL32, ADVAPI32, SHLWAPI
Exports	0 functions
Resources	3 Resources
Sections	6 Sections

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	196,680 bytes	197,120 bytes	6.43 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`C099419C2934BDFE13DDDE73E011A0DD`
`.rdata`	`0x00032000`	70,796 bytes	71,168 bytes	4.88 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`EB453421DB020618DB95380A22B9F98A`
`.data`	`0x00044000`	11,676 bytes	5,120 bytes	3.05 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`A55FAC51746ED1864D4C55C0CC4329C7`
`.pdata`	`0x00047000`	12,624 bytes	12,800 bytes	5.37 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`508641A8A8967DE0FE563BE94B9673E7`
`.rsrc`	`0x0004b000`	48,432 bytes	48,640 bytes	7.97 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`4CE50BAB745487F9605B7F98A419891F`
`.reloc`	`0x00057000`	2,640 bytes	3,072 bytes	5.13 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ`	`5821CC2F76FB865C0D184459DCDD0B19`

Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

▼

Total Resources: 3 (48,180 bytes)

Resource Type	Count	Total Size	Percentage
RT_ICON	1	47,779 bytes	99.2%
RT_GROUP_ICON	1	20 bytes	0%
RT_MANIFEST	1	381 bytes	0.8%

Certificate Chain Analysis

▼

No Digital Signatures

This file is not digitally signed.

Security Implications:

Cannot verify the publisher's identity
Increased security risk when running this file
May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection

20 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for

5 4 3 2 1