Gridinsoft Logo

DocumentSaver.exe Trojan Agent Analysis

Trojan Agent
Updated on 2024-05-09 (5 months ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.175.174
DB Version: 2024-05-09 15:00:18

Trojan.Win64.Agent.cld

Trojan Agent is malicious software that masquerades as legitimate files or programs to carry out various harmful actions on infected computers, such as data theft or remote control by cybercriminals.

File DocumentSaver.exe
Checked 2024-05-09 12:47:20
MD5 7df79de2f5e31263208ef83caca7b1f0
SHA1 670224a6b59827de20a93cbe754edfb510cf3cc3
SHA256 39d242660c6d5dbe97d5725bbfed0f583344d18840ccd902fffdd71af12e20ec
SHA512 234566d57fb88df4919293d23ee18299d383cdd29d8aeb359c262a52b2423556cc4e08f0eab9846fae0113d44f05f3205a78116dd61261fa88726921b033c6dd
File Size 5434336 bytes

Trojan.Win64.Agent.cld Removal

Trojan.Win64.Agent.cld Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win64.Agent.cld without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

Translation 0x0000 0x04b0
Comments
CompanyName
FileDescription DocumentSaver
FileVersion 1.0.0.0
InternalName DocumentSaver.exe
LegalCopyright Copyright © 2022
LegalTrademarks
OriginalFilename DocumentSaver.exe
ProductName DocumentSaver
ProductVersion 1.0.0.0
Assembly Version 1.0.0.0

Portable Executable Info

Image Base: 0x00400000
Entry Point: 0x00400000
Compilation: 2092-11-16 11:29:39
Checksum: 0x005356df (Actual: 0x005356df)
OS Version: 4.0
PEiD: PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
Sign: Chain verification from CN=DESKTOP-DSDK4NU\\Jefry (serial:142108478791679507723486833371791425021, sha1:07085cf77beeafc755754e6e0f59dcdabf657d7c) failed: The X.509 certificate provided is self-signed - "Common Name: DESKTOP-DSDK4NU\Jefry"
Sections: 2
Imports: 0
Exports: 0
Resources: 1

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00002000 0x0052e048 0x0052e200 3b715f045453069fd6674f3981d97e03 8.00
.rsrc 0x00532000 0x00000398 0x00000400 90e6e916cb56970e8caed21af0f63fa2 2.90

Leave a comment *

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware