The Olib2.4.0-green.exe (Olib2.4.0.exe) File Analysis

Technical Analysis

File Name Olib2.4.0-green.exe
File Type Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64, for MS Windows
SSDEEP Hash 786432:xaUzI9rTbwCNCz5XqaIQrkPX1JHh3x+ojMJCifvaUJ4BL3QIKISeqebYbV4QLLQC:hzyb/CFgQkXB3xXq7JzWStebYBpLQIUC
Scanner Version 1.0.226.174
Database Version 2025-10-05 13:00:25 UTC

Suspicious File Detected

Detected by 25 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
Detection Rate 36%
File Size (bytes) 48,684,544
Engines Detected 25/69
Analysis Date 2025-10-05

File Identification

Hash Type Value
MD5 80a4d3ca90ae3b2323bd539c10bedc19
SHA1 2d3759eab566428763f6796c975032e316b03a66
SHA256 468eee9aad35bd90c936ae48d357fd740832e4676ec71152beb6aea02fae0a69
SHA512 7f1e1ed55a600bcb661af11e2eff8a310db7ec5ebdda791931817b4c6054717ec24496518e63aa8f2f80be48801fe1946ebfc4f39f0f4dfc0caf7b313eb7bb52
ImpHash 649d0f5fe706113d7a5680c60804dde7

Security Engines with Detections (25 of 69)

Engine Detection Verdict
Lionic Trojan.Win32.Generic.4!c Malicious
CTX exe.trojan.tnega Malicious
CAT-QuickHeal Hacktool.Tnega Malicious
Skyhigh Artemis Malicious
ALYac Gen:Variant.Tedy.790445 Malicious
VIPRE Gen:Variant.Tedy.790445 Malicious
CrowdStrike win/malicious_confidence_60% (D) Malicious
Symantec ML.Attribute.HighConfidence Malicious
Paloalto generic.ml Malicious
BitDefender Gen:Variant.Tedy.790445 Malicious
Avast Win64:MalwareX-gen [Misc] Malicious
Emsisoft Gen:Variant.Tedy.790445 (B) Malicious
McAfeeD ti!468EEE9AAD35 Malicious
Trapmine suspicious.low.ml.score Malicious
Ikarus Trojan.Python.Psw Malicious
Webroot W32.Malware.gen Malicious
Varist W64/ABTrojan.EMOT-6147 Malicious
Microsoft HackTool:Win32/Tnega!MTB Malicious
Arcabit Trojan.Tedy.DC0FAD Malicious
GData Gen:Variant.Tedy.790445 Malicious
Google Detected Malicious
Panda Trj/Chgt.AD Malicious
Fortinet W32/PossibleThreat Malicious
AVG Win64:MalwareX-gen [Misc] Malicious
alibabacloud Trojan:Win/Tnega.Gen Malicious
44 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 66b5a5d56b02dbe5fdd2bf16da3c3845
Fuzzy: 24bc13679af3ab5cbca46257051bfcf1
dHash: 8249f06168f06186
Image Base 0x140000000
Entry Point 0x14000e408
Compilation Time 2025-06-09 12:50:23
Checksum 0x00000000 (Actual: 0x02e78997)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 2 libraries: SHELL32, KERNEL32
Exports 0 functions
Resources 5 Resources
Sections 7 Sections

Version Information

CompanyName shiyi_studio
ProductName Olib
LegalCopyright 2025 shiyi0x7f
ProductVersion 2.4.0.0
FileVersion 2.4.0.0
OriginalFilename Olib2.4.0.exe
InternalName Olib2.4.0
FileDescription Olib2.4.0.exe
Translation 0x0000 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 148,752 bytes 148,992 bytes 6.50 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 0E5660C9354E72480E82D4733CB6F35C
.rdata 0x00026000 61,718 bytes 61,952 bytes 5.69 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 8766D0EDD181640E00526A2526F5C0A8
.data 0x00036000 175,584 bytes 3,072 bytes 1.97 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0DBD2E5C17D043539E3F4C7CA47AE7D3
.pdata 0x00061000 6,468 bytes 6,656 bytes 5.34 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4F88AB1F0A7445C75D4F11C7BDE0E0FD
.fptable 0x00063000 256 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x00064000 48,459,984 bytes 48,460,288 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D5F93466BC4E5FE7DA786A15464277C0
.reloc 0x02e9c000 1,688 bytes 2,048 bytes 4.99 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ BD90E9D354CE372545B917E49A72E2E4

Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 5 (48,459,605 bytes)
Resource Type Count Total Size Percentage
RT_ICON 1 270,376 bytes 0.6%
RT_RCDATA 1 48,187,264 bytes 99.4%
RT_GROUP_ICON 1 20 bytes 0%
RT_VERSION 1 680 bytes 0%
RT_MANIFEST 1 1,265 bytes 0%

Certificate Chain Analysis

Certificate Information
Product Olib
Description Olib2.4.0.exe
File Version 2.4.0.0
Original Name Olib2.4.0.exe
Internal Name Olib2.4.0
Copyright 2025 shiyi0x7f

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Proactive Protection
25 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.