Xf adesk19 x64 exe Trojan Agent File Malware Analysis: d7e19a629e102152ccb6eb2307db8523
Gridinsoft Logo
File Icon

Xf-adesk19_x64.exe Trojan Agent Analysis

Updated 3 days ago
Checked by Malware Check
xf-adesk19_x64.exe

Technical Analysis

File Name xf-adesk19_x64.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
Scanner Version 1.0.224.174
Database Version 2025-09-15 21:00:56 UTC

Trojan.Win32.Agent.dg

Malware family: Agent

Trojan Agent malware disguises itself as legitimate software while performing unauthorized activities including data theft and providing remote system access to threat actors.
N/A
Detection Rate
622,080
File Size (bytes)
2025-09-15
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
d7e19a629e102152ccb6eb2307db8523
SHA1
32b5fe0a984fec697d0abb94185e8fdb2beca918
SHA256
52f756a73c0db036b07d590708cc72d0d1ad5d4827b6f38345afa17564ac85f8
SHA512
1132c5ec71a48ab3327fae3f510d615d222d4740a800f5e25c6b5b24aa5a7a3336414a5c511eeedd3e0795f47b8306a6ac1b04799f4fb843fbbd32b2ec79a38b
ImpHash
619f4a0d2715efe3a597e75d35c766b2

PE Analysis

Basic Information

Icon
Hash: 33e975103e259e3951144b5945b3c7f6
Fuzzy: 6afd36cf73eddafaf05583be67d58113
dHash: 4529d6c4e4f4c8b6
Image Base 0x00400000
Entry Point 0x006453b0
Compilation Time 2018-05-20 17:52:17
Checksum 0x00000000 (Actual: 0x00098671)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
Digital Signature No valid SignedData structure was found.
Imports 6 libraries
KERNEL32, ADVAPI32, GDI32, SHELL32, USER32, WINMM
Exports 0 functions
Resources 13 Resources
Sections 3 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
UPX0 0x00001000 1,769,472 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
UPX1 0x001b1000 614,400 bytes 610,816 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 90DDA40D723226523C82F28E58E52547
.rsrc 0x00247000 12,288 bytes 10,240 bytes 5.74 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE C2CE83970B8B6094086F66B548786BF9
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 13 (287,858 bytes)
Resource Type Count Total Size Percentage
RT_RCDATA 1 85,504 bytes
29.7%
RT_BITMAP 9 193,558 bytes
67.2%
RT_ICON 1 8,500 bytes
3%
RT_DIALOG 1 276 bytes
0.1%
RT_GROUP_ICON 1 20 bytes
0%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Trojan.Win32.Agent.dg Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win32.Agent.dg without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware