Gridinsoft Logo
File Icon

Audiograbber183-2020.exe Trojan Downloader Analysis

Updated 2 days ago
Checked by Malaware Check
audiograbber183-2020.exe

Technical Analysis

File Name audiograbber183-2020.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.217.174
Database Version 2025-05-29 19:00:19 UTC

Trojan.Win32.Downloader.dd!c

Malware family: Downloader

Downloader Trojans specialize in retrieving and installing additional malware payloads. Unlike comprehensive malware, they focus specifically on payload delivery rather than direct system damage.
N/A
Detection Rate
6,001,048
File Size (bytes)
2025-05-29
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
537b8119634342d1cfb0f2caf16ac1d2
SHA1
d57c4d876c2faaab1b10b27df393bd921fdc8cb9
SHA256
3b4692435648f892b59c1cf1c293208cdd41d4c75546c9f955710473c4e19851
SHA512
6f5105d078ba5d4fe642d9471961ec701c237ea9ae45ee224a89074a39d259a8468731d6fb1746cdf8c63738b55849b53eaa6f5ea0aec326a71c58ccc4289755
ImpHash
e00de6e48b9b06aceb12a81e7bf494c9

PE Analysis

Basic Information

Icon
Hash: f68c0604f7d4396f6d98f4d408a325d2
Fuzzy: 9c3078f4e5cd948f3bcb2c23a23b2113
dHash: 24f1f0dab83018b2
Image Base 0x00400000
Entry Point 0x004148d4
Compilation Time 2011-04-18 18:54:06
Checksum 0x005c8c98 (Actual: 0x005c8c98)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature OK
Imports 4 libraries
OLEAUT32, USER32, SHELL32, KERNEL32
Exports 0 functions
Resources 16 Resources
Sections 5 Sections

Version Information

FileVersion 0.0.0.0
ProductVersion 0.0.0.0
CompanyName AGB001
FileDescription Software Installation
InternalName
LegalCopyright AGB001
OriginalFilename
ProductName Audiograbber
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 104,384 bytes 104,448 bytes 6.61 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 206B62D600BEB166F8BF863AD5301F8C
.rdata 0x0001b000 17,552 bytes 17,920 bytes 4.38 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B0314F39355CAB7D4674A0928D3B15F2
.data 0x00020000 23,144 bytes 12,800 bytes 1.38 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 8D44C03D32E0C923339CDA9FAE15827A
.sxdata 0x00026000 4 bytes 512 bytes 0.02 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_LNK_INFO|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 35925CFDC1176BD9FFC634A58B40EC17
.rsrc 0x00027000 144,932 bytes 145,408 bytes 4.62 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4D808376252B0E99B47E4223656DF4E8
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 16 (143,980 bytes)
Resource Type Count Total Size Percentage
RT_ICON 9 141,128 bytes
98%
RT_DIALOG 1 184 bytes
0.1%
RT_STRING 2 200 bytes
0.1%
RT_GROUP_ICON 2 138 bytes
0.1%
RT_VERSION 1 656 bytes
0.5%
RT_MANIFEST 1 1,674 bytes
1.2%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

OK

Trojan.Win32.Downloader.dd!c Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win32.Downloader.dd!c without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware