The gate exe exe File Malware Analysis
Gridinsoft Logo

The gate.exe.exe File Analysis

Updated 3 days ago
Checked by Malware Check
gate.exe.exe

Technical Analysis

File Name gate.exe.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
768:3CKqxQ5ivmzLOJ8R/ea1m5prnnj1x9QfohzHyhXwx87OPb3c96aEwBR0N/BOaoy4:yKqxQGmzLOJXEm5pnnvKfM0cu50z9r4
Scanner Version 1.0.223.174
Database Version 2025-08-28 06:00:43 UTC

Suspicious File Detected

Detected by 58 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
81%
Detection Rate
41,472
File Size (bytes)
58/72
Engines Detected
2025-08-28
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
563892d98b31ba42fd64c34eb99dfb29
SHA1
0dbd6da53917fbe45be931e264ce24c6358a777c
SHA256
5778218134f45a6220877d82a5d88f83303c7cffc4313f0562901ea71cd4d373
SHA512
bc5e0c7430c10dd6906109d6cc1fa57da3df605cd8f4ac9da7a792fb55738704cc439143103f5eb2216f8e1a22b1cc9f876986766eab453233ce227d78b67da1
ImpHash
196b77deb96b548b58e07c9630bc5e67

Security Engines with Detections (58 of 72)

Bkav
W32.AIDetectMalware Malicious
Elastic
malicious (high confidence) Malicious
Cynet
Malicious (score: 100) Malicious
CTX
exe.unknown.fugrafa Malicious
Skyhigh
BehavesLike.Win32.Backdoor.ph Malicious
ALYac
Gen:Variant.Fugrafa.86086 Malicious
Malwarebytes
Seleya.Backdoor.Bot.DDS Malicious
Sangfor
Suspicious.Win32.Save.a Malicious
K7AntiVirus
Trojan ( 0040f8b51 ) Malicious
K7GW
Trojan ( 0040f8b51 ) Malicious
CrowdStrike
win/malicious_confidence_100% (D) Malicious
Baidu
Win32.Trojan.Seleya.b Malicious
VirIT
Trojan.Win32.Generic.BXXD Malicious
Symantec
ML.Attribute.HighConfidence Malicious
ESET-NOD32
Win32/Seleya.A Malicious
APEX
Malicious Malicious
ClamAV
Win.Trojan.Zusy-9754525-0 Malicious
Kaspersky
Trojan.Win32.Fsysna.byam Malicious
BitDefender
Gen:Variant.Fugrafa.86086 Malicious
NANO-Antivirus
Trojan.Win32.Jorik.coonib Malicious
ViRobot
Trojan.Win32.Jorik.41472.A Malicious
MicroWorld-eScan
Gen:Variant.Fugrafa.86086 Malicious
Avast
Win32:Jorik-HP [Trj] Malicious
Tencent
Malware.Win32.Gencirc.10b0d45d Malicious
Emsisoft
Gen:Variant.Fugrafa.86086 (B) Malicious
F-Secure
Trojan.TR/Dldr.Delphi.Gen Malicious
DrWeb
Trojan.DownLoader11.43692 Malicious
VIPRE
Gen:Variant.Fugrafa.86086 Malicious
TrendMicro
TROJ_DOWNLOADER_EG210009.UVPA Malicious
McAfeeD
ti!5778218134F4 Malicious
SentinelOne
Static AI - Malicious PE Malicious
Trapmine
malicious.moderate.ml.score Malicious
Sophos
Mal/DelpDldr-A Malicious
Ikarus
Backdoor.Win32.DarkMoon Malicious
GData
Gen:Variant.Fugrafa.86086 Malicious
Jiangmin
Trojan/Jorik.ayrn Malicious
Webroot
W32.Trojan.Gen Malicious
Google
Detected Malicious
Avira
TR/Dldr.Delphi.Gen Malicious
Antiy-AVL
Trojan/Win32.Gbod Malicious
Xcitium
TrojWare.Win32.TrojanDownloader.Delf.gen@1xqow5 Malicious
Arcabit
Trojan.Fugrafa.D15046 Malicious
ZoneAlarm
Mal/DelpDldr-A Malicious
Microsoft
DDoS:Win32/Darktima.A Malicious
Varist
W32/Delfloader.B.gen!Eldorado Malicious
AhnLab-V3
Backdoor/Win32.Gbod.R29748 Malicious
Cylance
Unsafe Malicious
Panda
Trj/Genetic.gen Malicious
TrendMicro-HouseCall
Trojan.Win32.VSX.PE04C9j Malicious
Rising
HackTool.DDoS-Darktima!8.121E (TFE:4:Hxniu3xvHgV) Malicious
Yandex
Trojan.GenAsa!5zr9VhcbNZg Malicious
TrellixENS
GenDownloader.rr Malicious
huorong
HEUR:Trojan/HVM10.b Malicious
MaxSecure
Trojan.Malware.331091412.susgen Malicious
Fortinet
W32/Jorik.BGT!tr Malicious
AVG
Win32:Jorik-HP [Trj] Malicious
DeepInstinct
MALICIOUS Malicious
alibabacloud
Trojan[downloader]:Win/Seleya.57a25477 Malicious
14 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x00400000
Entry Point 0x004092e0
Compilation Time 1992-06-19 22:22:17
Checksum 0x00000000 (Actual: 0x0000f6a3)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 8 libraries
kernel32, user32, advapi32, oleaut32, shell32, URLMON, wsock32, ICMP
Exports 0 functions
Resources 2 Resources
Sections 8 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
CODE 0x00001000 34,004 bytes 34,304 bytes 6.52 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 8A104158F28B7E275467806D2106EA81
DATA 0x0000a000 444 bytes 512 bytes 4.24 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 44D4CF0E883E033D3322AFD1EC2F31C3
BSS 0x0000b000 1,733 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.idata 0x0000c000 1,980 bytes 2,048 bytes 4.38 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE DD4130F2A81D45E8077F7DB079D39AC8
.tls 0x0000d000 8 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rdata 0x0000e000 24 bytes 512 bytes 0.20 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ C6F38483AD5F861F5AEFB99B7E15DDA9
.reloc 0x0000f000 2,136 bytes 2,560 bytes 6.09 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ F59D2FA07E50D403D73CBFEFE912D9EC
.rsrc 0x00010000 512 bytes 512 bytes 3.20 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ C0861872DFA242116BBA0EC4B6EA71D8
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 2 (168 bytes)
Resource Type Count Total Size Percentage
RT_RCDATA 2 168 bytes
100%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
58 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware