The Galaxy Swapper v2 exe (Galaxy Swapper v2) Wslt#9596 File Malware Analysis
Gridinsoft Logo
File Icon

The Galaxy Swapper v2.exe (Galaxy Swapper v2) File Analysis

Updated 1 year ago
Checked by Malware Check
Galaxy Swapper v2.exe

Technical Analysis

File Name Galaxy Swapper v2.exe
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.169.174
Database Version 2024-03-16 06:00:20 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
4,895,429
File Size (bytes)
2024-03-16
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
bd8692ab8267a84e033a9216d61d3951
SHA1
54103dec2ac32bca2540d7345040a6a77473e505
SHA256
4cef262cd6d048a816b8441686ce424e348256252959755d806c21dbcbe372b8
SHA512
86145f72d6d7fe1eb740d0c70fe7c8c461da337b05f58b5e80c5121ae497fd37a991faa4d6fcb8c0129634e6d17c34f4e04791309ee215c428b14d08b2e0356b
ImpHash
78da59308ee0088a874b4a6cdd7d91bd

PE Analysis

Basic Information

Icon
Hash: f5a31ec04e050927630ef2b8556d6863
Fuzzy: e674b330ac5ff0d73ddae2233bdbd3b4
dHash: d0f0e8e4fcdcd37e
Image Base 0x140000000
Entry Point 0x140014320
Compilation Time 2023-06-20 19:55:06
Checksum 0x00000000 (Actual: 0x004b4dea)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path D:\a\_work\1\s\artifacts\obj\win-x64.Release\corehost\apphost\standalone\apphost.pdb
Digital Signature The PE file does not contain a certificate table.
Imports 12 libraries
Exports 0 functions
Resources 8 Resources
Sections 7 Sections

Version Information

Translation 0x0000 0x04b0
CompanyName Wslt#9596
FileDescription Galaxy Swapper v2
FileVersion 1.0.0.0
InternalName Galaxy Swapper v2.dll
LegalCopyright Copyright © Galaxy Swapper v2
OriginalFilename Galaxy Swapper v2.dll
ProductName Galaxy Swapper v2
ProductVersion 1.0.0
Assembly Version 1.0.0.0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 101,500 bytes 101,888 bytes 6.33 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 862B6A1DC2A0FE9FFD3D4382727E71E1
.rdata 0x0001a000 39,982 bytes 40,448 bytes 4.50 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7EE301AB5129FBFCBE57A84922F68E13
.data 0x00024000 5,480 bytes 2,560 bytes 2.64 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 994795142736D1C7C77BEAC3BF748148
.pdata 0x00026000 5,460 bytes 5,632 bytes 5.12 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A5ACBF7EFBC23A3E2942672429AC01CF
_RDATA 0x00028000 348 bytes 512 bytes 3.34 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A050C22A1FE15371AC99688988E31007
.rsrc 0x00029000 43,944 bytes 44,032 bytes 6.52 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ CDF37F755078E8E1BFB79F0AD34974E9
.reloc 0x00034000 840 bytes 1,024 bytes 4.88 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ A9F8C5FFC9C3542B19700BF44209BE83
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 8 (43,446 bytes)
Resource Type Count Total Size Percentage
RT_ICON 5 42,056 bytes
96.8%
RT_GROUP_ICON 1 76 bytes
0.2%
RT_VERSION 1 824 bytes
1.9%
RT_MANIFEST 1 490 bytes
1.1%

Certificate Chain Analysis

Certificate Information
Product Galaxy Swapper v2
Description Galaxy Swapper v2
File Version 1.0.0.0
Original Name Galaxy Swapper v2.dll
Internal Name Galaxy Swapper v2.dll
Copyright Copyright © Galaxy Swapper v2
Certificate Chain Summary
Epic Games Inc. #1 Primary
Validity Period: 2021-02-25 00:00:00 → 2024-02-29 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0D FE 7B A4 82 F0 76 DB 90 BC C2 2B 2C 48 7C BD
DigiCert SHA2 Assured ID Code Signing CA #2 Chain
Validity Period: 2013-10-22 12:00:00 → 2028-10-22 12:00:00
Signature Algorithm: sha256RSA
Serial Number: 04 09 18 1B 5F D5 BB 66 75 53 43 B5 6F 95 50 08
Sectigo RSA Time Stamping CA #3 Chain
Validity Period: 2019-05-02 00:00:00 → 2038-01-18 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 30 0F 6F AC DD 66 98 74 7C A9 46 36 A7 78 2D B9
Sectigo RSA Time Stamping Signer #2 #4 Chain
Validity Period: 2020-10-23 00:00:00 → 2032-01-22 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 8C 77 A0 00 8F F4 D1 B0 C6 3D 9F 3A 48 83 8D 6B
Symantec SHA256 TimeStamping CA #5 Chain
Validity Period: 2016-01-12 00:00:00 → 2031-01-11 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 7B 05 B1 D4 49 68 51 44 F7 C9 89 D2 9C 19 9D 12
Symantec SHA256 TimeStamping Signer - G3 #6 Chain
Validity Period: 2017-12-23 00:00:00 → 2029-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 7B D4 E5 AF BA CC 07 3F A1 01 23 04 22 41 4D 12
DigiCert CS RSA4096 Root G5 #7 Chain
Validity Period: 2021-01-15 00:00:00 → 2046-01-14 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 06 CE E1 31 BE 6D 55 C8 07 F7 C0 C7 FB 44 E6 20
.NET Foundation Projects Code Signing CA2 #8 Chain
Validity Period: 2021-07-15 00:00:00 → 2031-07-14 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0A DE 32 E9 50 9B 44 AA 34 B1 DA F1 BC 0E C8 73
Json.NET (.NET Foundation) #9 Chain
Validity Period: 2021-08-13 00:00:00 → 2024-10-29 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0C D1 40 7A 5A BD ED 43 D5 C1 73 12 1D 38 C5 29
DigiCert Timestamp 2022 - 2 #10 Chain
Validity Period: 2022-09-21 00:00:00 → 2033-11-21 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0C 4D 69 72 4B 94 FA 3C 2A 4A 3D 29 07 80 3D 5A
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #11 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Trusted Root G4 #12 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware