Gridinsoft Logo
File Icon

Golden.exe Trojan Heuristic Analysis

Updated 1 year ago
Checked by Malware Check
Golden.exe

Technical Analysis

File Name Golden.exe
Scanner Version 1.0.136.174
Database Version 2023-09-08 08:01:48 UTC

Trojan.Heur!.01010023

Malware family: Heuristic

Heuristic detection uses behavioral analysis and pattern recognition to identify potential threats without specific signatures. This proactive approach detects suspicious code behavior that may indicate malware presence. Detection may occasionally produce false positives when legitimate software exhibits similar behavioral patterns.
N/A
Detection Rate
20,284,920
File Size (bytes)
2023-09-08
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
b422ce0900cc6955340ae1299afd1122
SHA1
f864efa2036dd30f4fc2cb6d719fbe0d2c72c6a3
SHA256
57a14e84bfc6c2070115f827736d264bf7ba092cbc90bea4365939359f39f083
SHA512
5cff520c4d6fc0af82d6541421569a0fa597cf086222c82514be4d353d2268e2ad7b7b00107ce1c738170b2cc6bf1a4870eb7978afeace706ce14d03f1d77dea
ImpHash
2a9a8afe0c4589826f3e83ff7470eb91

PE Analysis

Basic Information

Icon
Hash: 0083a7d377bafa81777c9822b7cedbf1
Fuzzy: 7f2197d1f46a139ef951e97946570b26
dHash: 00c1c8e4c4cc6880
Image Base 0x00400000
Entry Point 0x01679a60
Compilation Time 2023-06-13 18:44:10
Checksum 0x01363e73 (Actual: 0x01363e73)
OS Version 4.0
PEiD Signatures No signatures detected
Digital Signature OK
Imports 7 libraries
kernel32, oleaut32, user32, advapi32, ole32, ntdll, shlwapi
Exports 0 functions
Resources 4 Resources
Sections 4 Sections

Digital Signatures

AAA Certificate Services Sectigo Limited (GB)
Sectigo Public Code Signing CA R36 Carlos Armando Celaya López (MX)
Sectigo Public Code Signing Root R46 Sectigo Limited (GB)

Version Information

Translation 0x0000 0x04b0
Comments Anticheat Solutions
CompanyName Golden Solutions LLC
FileDescription Golden Anticheat
FileVersion 1.3.0.0
InternalName Golden.exe
LegalCopyright Copyright © 2022 Golden Solutions LLC
LegalTrademarks
OriginalFilename Golden.exe
ProductName Golden Anticheat
ProductVersion 1.3.0.0
Assembly Version 1.1.0.0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00002000 19,322,952 bytes 19,323,392 bytes 7.20 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 023F8182C1ED161B64300814BF804B89
.rsrc 0x01270000 15,105 bytes 15,360 bytes 4.04 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 0FB00A35A068405C49A78721AD991C55
.enigma1 0x01274000 8,192 bytes 221,184 bytes 7.90 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE A6F4ACB2FB1B6558072B6683CBA2D329
.enigma2 0x01276000 712,704 bytes 712,704 bytes 5.41 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 91BACE064B02CF508F0C31FCFF5B34DB
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 4 (14,801 bytes)
Resource Type Count Total Size Percentage
RT_ICON 1 10,192 bytes
68.9%
RT_GROUP_ICON 1 20 bytes
0.1%
RT_VERSION 1 940 bytes
6.4%
RT_MANIFEST 1 3,649 bytes
24.7%

Certificate Chain Analysis

Certificate #1
Subject Sectigo Public Code Signing Root R46
Sectigo Limited
GB
Issuer AAA Certificate Services
Serial Number 97015870309959729927281967672979788822
Certificate #2
Subject Carlos Armando Celaya López
Carlos Armando Celaya López
MX
Issuer Sectigo Public Code Signing CA R36
Serial Number 9537941119312710837320028783741799988
Certificate #3
Subject Sectigo Public Code Signing CA R36
Sectigo Limited
GB
Issuer Sectigo Public Code Signing Root R46
Serial Number 130417131954583740712891216934480190474
Certificate Verification Status

OK

Trojan.Heur!.01010023 Removal

Gridinsoft has the capability to identify and eliminate Trojan.Heur!.01010023 without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware