The Wondershare Filmora 13 Crack.exe (Educational content synchronization) File Analysis

Updated 1 year ago

Checked by Malware Check

Wondershare Filmora 13 Crack.exe

Technical Analysis

File Name	Wondershare Filmora 13 Crack.exe
File Type	Win32 EXE
Magic Bytes	`PE32 executable (console) Intel 80386, for MS Windows`
SSDEEP Hash	24576:xyKyCVVvDybcRTKdoUgx8Cu8qEYjO4usJ+2V:WMvDjRTKdyaj8qEl4usfV
Scanner Version	1.0.153.174
Database Version	2024-01-05 05:02:28 UTC

⚠

Suspicious File Detected

Detected by 3 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

Detection Rate

834,382

File Size (bytes)

3/66

Engines Detected

2024-01-05

Analysis Date

Scan Another File

File Identification

Hash Type	Value	Action
MD5	5cda22244188f67f15a0260f5e371659
SHA1	e3171ac9a2453434bb87d49f2ce5c930e3bffc66
SHA256	4d8f9ba472f30a410771fc7bc7c7338255932c6576b40519c4dbb31ab5dd4e3b
SHA512	faa1d465ffe33badcd1ad258bfbd7d0f5173811e4cb17eeacaaa3b69dcbefd99b2b2bbc0f91f62d98157dfc78bcfe7b3b7571b8e599a1532cfb958543d892408
ImpHash	6b901e8d6aef409de7162a2f43564c16

Security Engines with Detections (3 of 66)

Kaspersky

UDS:Backdoor.Win32.Agent.myutjp Malicious

Microsoft

Trojan:Win32/Sonbokli.A!cl Malicious

ZoneAlarm

UDS:Backdoor.Win32.Agent.myutjp Malicious

63 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

▼

Icon	Hash: 5c9d46c910e111f3b80ccf9a27f462ef Fuzzy: 599b4ea5d94f42c4ea1a12ac5f759fc6 dHash: 6166ced6d4a4fc3c
Image Base	`0x00400000`
Entry Point	`0x00419fa6`
Compilation Time	2018-05-21 01:48:32
Checksum	0x000d8fb5 (Actual: 0x000db760)
OS Version	6.0
PEiD Signatures	`PE32 executable (console) Intel 80386, for MS Windows`
PDB Path	`Z:\7zsfxmm-51139022f6d790da60884077b63b2f265052be0b\Output\Win32\7ZSfxMod.pdb`
Digital Signature	The expected hash does not match the digest in SpcInfo
Imports	8 libraries COMCTL32, KERNEL32, USER32, GDI32, ADVAPI32, SHELL32, ole32, OLEAUT32
Exports	0 functions
Resources	11 Resources
Sections	4 Sections

Digital Signatures

▼

Certum Trusted Network CA	Unizeto Technologies S.A. (PL)
Certum Timestamping 2021 CA	Asseco Data Systems S.A. (PL)
Certum Trusted Network CA 2	Asseco Data Systems S.A. (PL)
Certum Trusted Network CA 2	Asseco Data Systems S.A. (PL)
Certum Code Signing 2021 CA	Marek Jasiński (DE)

Version Information

▼

Comments	Educational content synchronization
CompanyName	EduSync
FileDescription	Educational content synchronization
FileVersion	6.131.5.7321
InternalName	EduSync
LegalCopyright	Copyright © EduLink Dynamics 2018
ProductName	EduSync
ProductVersion	6.131.5.7321
Translation	0x0000 0x04b0

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	147,649 bytes	147,968 bytes	6.66 (Compressed)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`3CE2B00D4A634CB7A29FAB1781EF5D10`
`.rdata`	`0x00026000`	38,236 bytes	38,400 bytes	5.32 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`FF8D4C8B8735383A2477365895FD66B3`
`.data`	`0x00030000`	23,796 bytes	4,096 bytes	3.02 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D947C19C278365DF9FE2DF826374B170`
`.rsrc`	`0x00036000`	23,836 bytes	24,064 bytes	6.68 (Compressed)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`5FD6316038D6343A2DEEEA40CE0601FA`

Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

▼

Total Resources: 11 (23,192 bytes)

Resource Type	Count	Total Size	Percentage
RT_ICON	3	20,207 bytes	87.1%
RT_STRING	4	468 bytes	2%
RT_GROUP_ICON	1	48 bytes	0.2%
RT_VERSION	1	800 bytes	3.4%
RT_MANIFEST	2	1,669 bytes	7.2%

Certificate Chain Analysis

▼

Certificate #1

Subject	Certum Trusted Network CA 2 Unizeto Technologies S.A. PL
Issuer	Certum Trusted Network CA
Serial Number	`36831864946870993744187066625231351079`

Certificate #2

Subject	Certum Timestamp 2023 Asseco Data Systems S.A. PL
Issuer	Certum Timestamping 2021 CA
Serial Number	`12990091761336652031772869827997649713`

Certificate #3

Subject	Certum Code Signing 2021 CA Asseco Data Systems S.A. PL
Issuer	Certum Trusted Network CA 2
Serial Number	`204220824695607667577196483744657304121`

Certificate #4

Subject	Certum Timestamping 2021 CA Asseco Data Systems S.A. PL
Issuer	Certum Trusted Network CA 2
Serial Number	`308377848162979334299411899320923366791`

Certificate #5

Subject	Marek Jasiński Marek Jasiński DE
Issuer	Certum Code Signing 2021 CA
Serial Number	`129159268126098491521307128815499787828`

Certificate Verification Status

The expected hash does not match the digest in SpcInfo

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection

3 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for

5 4 3 2 1