Gridinsoft Logo
File Icon

Avatar Frontiers of Pandora v1.0-v2.5 Plus 20 Trainer.exe Malware Generic Analysis

Updated 11 days ago
Checked by Malware Check
Avatar Frontiers of Pandora v1.0-v2.5 Plus 20 Trainer.exe

Technical Analysis

File Name Avatar Frontiers of Pandora v1.0-v2.5 Plus 20 Trainer.exe
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.231.174
Database Version 2025-12-30 13:00:30 UTC

Malware.Win64.Generic.cld

Malware family: Generic

This detection name identifies suspicious files displaying Trojan-like behavior patterns. It represents malware that masquerades as benign programs while executing unauthorized activities on the infected system.
N/A
Detection Rate
1,711,616
File Size (bytes)
2025-12-30
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
49f18daadda23640b6ae6c3fd4d63868
SHA1
77e392fb1a1a8a06520bde6a088e541b24d8875c
SHA256
530abc8faf7bec1d68e0b64bb3b2512a54a248a31f22714d9d5a45ab65e4304a
SHA512
d4b47ed714448c4af77495498653e4bc52ca2208682e7f974286e97a7ca718fd894679124251ac2b4fa6a772db27d29caa021e90b138a8a4dead961e5c9082db
ImpHash
20ab30c2adb4aa0e31a0a8a483e16276

PE Analysis

Basic Information

Icon
Hash: 74743c7b936c05c9784769c493fe0e8f
Fuzzy: a1c738eea59667290c83d00f50a19604
dHash: 70f8fc7a7e8eaab2
Image Base 0x140000000
Entry Point 0x14009c6e0
Compilation Time 2025-12-24 18:12:26
Checksum 0x00000000 (Actual: 0x001a6aa2)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 9 libraries
KERNEL32, USER32, ADVAPI32, SHELL32, ole32, OLEAUT32, mscoree, VERSION, WINMM
Exports 0 functions
Resources 13 Resources
Sections 7 Sections

Version Information

CompanyName 3DMGAME
FileDescription Avatar Frontiers of Pandora v1.0-v2.5 Plus 20 Trainer
FileVersion 1.0.0.0
InternalName Avatar Frontiers of Pandora v1.0-v2.5 Plus 20 Trainer
LegalCopyright FLiNG Copyright (C) 2025
OriginalFilename Avatar Frontiers of Pandora v1.0-v2.5 Plus 20 Trainer.exe
ProductName Avatar Frontiers of Pandora v1.0-v2.5 Plus 20 Trainer
ProductVersion 1.0.0.2
Translation 0x0000 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 834,532 bytes 834,560 bytes 6.45 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 13841DA1CFDDD9A761C6927C7F2896F0
.rdata 0x000cd000 255,398 bytes 255,488 bytes 5.51 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 39DFCAC27867991D6889DF488ECAEFC3
.data 0x0010c000 23,228 bytes 10,752 bytes 3.28 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE A64A1408291FAFDC1322730DC229F576
.pdata 0x00112000 32,736 bytes 32,768 bytes 5.96 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 56A5FFD43BCC8C8B2D78B6EC353393EB
.fptable 0x0011a000 256 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x0011b000 572,880 bytes 572,928 bytes 7.62 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6B274E71255DB2AEDF973732E3DA4B9D
.reloc 0x001a7000 3,560 bytes 3,584 bytes 5.41 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 0A39341AC844B97133FB7CBE2805A3FA
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 13 (571,970 bytes)
Resource Type Count Total Size Percentage
COVER 1 109,634 bytes
19.2%
REMOTE 2 142,852 bytes
25%
UI 1 198,656 bytes
34.7%
WAVE 2 22,222 bytes
3.9%
RT_ICON 4 96,851 bytes
16.9%
RT_GROUP_ICON 1 62 bytes
0%
RT_VERSION 1 1,040 bytes
0.2%
RT_MANIFEST 1 653 bytes
0.1%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Malware.Win64.Generic.cld Removal

Gridinsoft has the capability to identify and eliminate Malware.Win64.Generic.cld without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware