| File Name | Cheat Engine 7.5.exe |
| File Type |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| Scanner Version | 1.0.171.174 |
| Database Version | 2024-04-12 21:00:29 UTC |
Malware family: OfferCore
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
a4b99286d19825f642183f3e78782513
|
|
| SHA1 |
3a13275632f09a763200b7d453c164d2887f5795
|
|
| SHA256 |
3bc3a26ab7f5f0b02c5175ba04514a5344804f6c886fdd3ea1f1f9d317ee7a40
|
|
| SHA512 |
e51ba67f7c462ae1b755a879b7d3ec70e302159fc3d08fd6b843075e5c5d3ab1a49a9bcf59773cac6c041152e77dd11c75374f0b8a15cab92e85d0771d85c6b9
|
|
| ImpHash |
5a594319a0d69dbc452e748bcf05892e
|
| Icon |
Hash: 30adcb5c0b2e3c35eaec2c110733c9f8
Fuzzy: c98f96d6ffe5af8d4eb0870c1dc20826 dHash: 92e0b496a6cada72 |
| Image Base | 0x00400000 |
| Entry Point | 0x004b5eec |
| Compilation Time | 2020-11-15 09:48:30 |
| Checksum | 0x01c96e02 (Actual: 0x01c96e02) |
| OS Version | 6.1 |
| PEiD Signatures |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| Digital Signature | OK |
| Imports |
7 libraries
kernel32, comctl32, version, user32, oleaut32, netapi32, advapi32 |
| Exports | 3 functions |
| Resources | 21 Resources |
| Sections | 10 Sections |
| Comments | This installation was built with Inno Setup. |
| CompanyName | |
| FileDescription | EngineGame Installer |
| FileVersion | 7.5.0 |
| LegalCopyright | © EngineGame |
| OriginalFileName | |
| ProductName | EngineGame |
| ProductVersion | 7.5.0 |
| Translation | 0x0000 0x04b0 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
734,748 bytes | 735,232 bytes | 6.36 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
AD6E46E3A3ACDB533EB6A077F6D065AF |
.itext |
0x000b5000 |
5,768 bytes | 6,144 bytes | 5.97 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
D40FC822339D01F2ABCC5493AC101C94 |
.data |
0x000b7000 |
14,244 bytes | 14,336 bytes | 5.04 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
4C195D5591F6D61265DF08A3733DE3A2 |
.bss |
0x000bb000 |
28,136 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.idata |
0x000c2000 |
3,894 bytes | 4,096 bytes | 4.90 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
A73D686F1E8B9BB06EC767721135E397 |
.didata |
0x000c3000 |
420 bytes | 512 bytes | 2.76 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
41B8CE23DD243D14BEEBC71771885C89 |
.edata |
0x000c4000 |
154 bytes | 512 bytes | 1.87 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
37C1A5C63717831863E018C0F51DABB7 |
.tls |
0x000c5000 |
24 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.rdata |
0x000c6000 |
93 bytes | 512 bytes | 1.38 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
8F2F090ACD9622C88A6A852E72F94E96 |
.rsrc |
0x000c7000 |
18,432 bytes | 18,432 bytes | 4.42 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
9F25EA605614C16E9BF3ED44E2511D8B |
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_ICON | 4 | 4,640 bytes | |
| RT_STRING | 11 | 8,040 bytes | |
| RT_RCDATA | 3 | 768 bytes | |
| RT_GROUP_ICON | 1 | 62 bytes | |
| RT_VERSION | 1 | 1,412 bytes | |
| RT_MANIFEST | 1 | 1,830 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
OK
Gridinsoft has the capability to identify and eliminate PUP.Win32.OfferCore.dd!c without requiring further user intervention.
Download Anti-MalwareFollow these steps to completely remove the threat from your system
