File Name | CMLauncher.exe |
File Type |
PE32 executable (GUI) Intel 80386, for MS Windows
|
Scanner Version | 1.0.193.174 |
Database Version | 2024-10-19 15:00:33 UTC |
Malware family: Agent
Hash Type | Value | Action |
---|---|---|
MD5 |
6eb5bd5c5c219d80cf35268b21141b7d
|
|
SHA1 |
eb9eab739f70258c1c5078740836749f86d0433a
|
|
SHA256 |
507bb3c962c233257999cb65352cec684b7dd611f689eca43c8db4452c84f596
|
|
SHA512 |
9ede414f6bf8937065c44b75bf3139aac76bab3ba3e1006d25703d3469c07a87112e59c1b277adb1214790c61bdc93f566429b0de0653400d077834d46a3ae94
|
|
ImpHash |
79fd65f332ce716896a6cf17170e092e
|
Icon |
Hash: 1fad46a22d2214ac75ed19f037a71821
Fuzzy: 6869e21d0cbc201e6acc930042b6135e dHash: e89c9ad5e5baccc8 |
Image Base | 0x00400000 |
Entry Point | 0x00914edd |
Compilation Time | 2024-01-28 12:11:15 |
Checksum | 0x00ec6db1 (Actual: 0x00ecbc06) |
OS Version | 6.0 |
PEiD Signatures |
PE32 executable (GUI) Intel 80386, for MS Windows
|
PDB Path | Z:\_SOURCE_CODE\ClientModLauncher\Launcher\Release\CMLauncher.pdb |
Digital Signature | Chain verification from CN=ClientModGame (serial:126250232860106813693179804450808953640, sha1:b0ed53cd87f9e2bc51c6d202b7f6cfe2acdf953e) failed: The X.509 certificate provided is self-signed - "Common Name: ClientModGame" |
Imports | 26 libraries |
Exports | 3 functions |
Resources | 16 Resources |
Sections | 7 Sections |
LegalCopyright | ClientMod (C) 2024 |
ProductName | ClientMod Launcher |
ProductVersion | 1.4.5 |
FileVersion | 1.4.5 |
Translation | 0x0409 0x04b0 |
Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
---|---|---|---|---|---|---|
.text |
0x00010000 |
10,670,208 bytes | 10,670,592 bytes | 6.67 (Compressed) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
5D061AC4F369A0556A22E433135166C4 |
.rdata |
0x00a40000 |
3,509,638 bytes | 3,509,760 bytes | 6.67 (Compressed) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
419E91BE79539E03F4E007A3DEA276B4 |
.data |
0x00da0000 |
724,092 bytes | 590,848 bytes | 7.48 (Compressed) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
083BFA053CB765FCD5560DB05DFE93E2 |
.cdata |
0x00e60000 |
516 bytes | 1,024 bytes | 2.53 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
DCDA1710F7666849EBC25103CCEE15B5 |
_RDATA |
0x00e70000 |
9,736 bytes | 10,240 bytes | 6.08 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
5C2D75C9D32C819A368EE0E85FC4C392 |
.rsrc |
0x00e80000 |
206,712 bytes | 206,848 bytes | 5.37 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
2BB690F2BF7B5456D4BF2A81A92E92E9 |
.reloc |
0x00ec0000 |
482,356 bytes | 482,816 bytes | 6.59 (Compressed) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
72F8E3D9F4C449091EE5CFAA681B8AF7 |
4 section(s) with elevated entropy (≥6.5) - possible compression
Resource Type | Count | Total Size | Percentage |
---|---|---|---|
RT_ICON | 12 | 204,064 bytes | |
RT_GROUP_ICON | 2 | 180 bytes | |
RT_VERSION | 1 | 460 bytes | |
RT_MANIFEST | 1 | 1,079 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
Chain verification from CN=ClientModGame (serial:126250232860106813693179804450808953640, sha1:b0ed53cd87f9e2bc51c6d202b7f6cfe2acdf953e) failed: The X.509 certificate provided is self-signed - "Common Name: ClientModGame"
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft has the capability to identify and eliminate Adware.Win32.Agent.cl without requiring further user intervention.
Download Anti-MalwareFollow these steps to completely remove the threat from your system