Gridinsoft Logo
File Icon

The 𝑺𝑬𝑻𝑼𝑷.exe File Analysis

Updated 3 hours ago
Checked by Malware Check
𝑺𝑬𝑻𝑼𝑷.exe

Technical Analysis

File Name 𝑺𝑬𝑻𝑼𝑷.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64, for MS Windows
SSDEEP Hash
49152:qw50iNEX4SXKJ2QJjU5B40K75MOn8nU7iO:qeVJZG5B40K7aOn5iO
Scanner Version 1.0.248.174
Database Version 2026-06-18 20:00:15 UTC
⚠

Suspicious File Detected

Detected by 21 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
31%
Detection Rate
2,909,056
File Size (bytes)
21/67
Engines Detected
2026-06-18
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
6cdaf41d4d7597003d4d9ffea5498026
SHA1
16d2004eaa66521b788726ee0667c051bcd9410a
SHA256
59b0260257ba3292232927eec17e5732bc65456a871b5aeddb8ede56eb85eed7
SHA512
3279cd2735ea1fb9e7f26ddfc45e3346faabc1b355d575ffa0105296803c9face4b608b743e8b49b466711abd0349e12b582b5d327ff2dbbbdf735831538f10e
ImpHash
d42595b695fc008ef2c56aabd8efd68e

Security Engines with Detections (21 of 67)

Bkav
W32.Malware.931D2D9D Malicious
Sangfor
Trojan.Win32.Agent.Vfhj Malicious
CrowdStrike
win/malicious_confidence_60% (D) Malicious
Symantec
ML.Attribute.HighConfidence Malicious
Elastic
malicious (high confidence) Malicious
Paloalto
generic.ml Malicious
Kaspersky
UDS:DangerousObject.Multi.Generic Malicious
Sophos
Mal/Generic-S Malicious
McAfeeD
ti!59B0260257BA Malicious
Trapmine
suspicious.low.ml.score Malicious
Google
Detected Malicious
Avira
TR/W64.Evo Malicious
Microsoft
Trojan:Win32/Egairtigado!rfn Malicious
AhnLab-V3
Infostealer/Win.Remus.R779526 Malicious
DeepInstinct
MALICIOUS Malicious
Malwarebytes
Malware.AI.2498404834 Malicious
Panda
Trj/PhxBzA.A Malicious
TrellixENS
Artemis!6CDAF41D4D75 Malicious
Fortinet
W64/MALD2.A8E8!tr Malicious
AVG
FileRepMalware [Trj] Malicious
Avast
FileRepMalware [Trj] Malicious
46 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

β–Ό
Icon
Hash: 974aa2e70dae5f2c444faf2e011c054b
Fuzzy: a30d09319e6d182305fd88977a796685
dHash: 30b0b8786c687004
Image Base 0x140000000
Entry Point 0x140075920
Compilation Time 1970-01-01 00:00:00
Checksum 0x002cd95e (Actual: 0x002cd95e)
OS Version 6.1
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
Digital Signature Chain verification from CN=sindimec.org.br, O=MTPwxwFpRb6V, L=nHNMgq, ST=ZPUWidd8Z, C=US (serial:8602956534988511510, sha1:a6208a106d1936b9e2d42de745fc863698a5c780) failed: The X.509 certificate provided is self-signed - "Common Name: sindimec.org.br, Organization: MTPwxwFpRb6V, Locality: nHNMgq, State/Province: ZPUWidd8Z, Country: US"
Imports 1 libraries
kernel32
Exports 0 functions
Resources 6 Resources
Sections 9 Sections

PE Sections

β–Ό
Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 933,521 bytes 933,888 bytes 6.25 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6891242233A3E0D83DCD7ABEEEEC3B48
.rdata 0x000e5000 1,645,168 bytes 1,645,568 bytes 6.66 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 9D85175C5E6E9AAC34351B51CCD5619C
.data 0x00277000 385,768 bytes 84,992 bytes 5.06 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 56CEBF063296AF5092F75120FF3F104C
.pdata 0x002d6000 24,012 bytes 24,064 bytes 5.27 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ BBF0E3EF73EDDFA6297D36BE3E8B4195
.xdata 0x002dc000 180 bytes 512 bytes 1.76 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F31D92E6F313CFB249FDFF0D2766BC76
.idata 0x002dd000 1,342 bytes 1,536 bytes 4.01 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE FD5E4C70585A380387738085A131CE93
.reloc 0x002de000 18,324 bytes 18,432 bytes 5.43 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 1F7E4C27DD87D8E0ADF7E8F1E5F7333C
.symtab 0x002e3000 150,404 bytes 150,528 bytes 5.19 (Normal) IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ BB9E7B7DCA97A1E4306626D18F997D02
.rsrc 0x00308000 45,096 bytes 45,568 bytes 7.95 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F1B93F6FD7BFDF7867D3E56A9B45C980
Entropy Analysis Alert

1 section(s) with high entropy (β‰₯7.5) detected - possible packing/encryption

1 section(s) with elevated entropy (β‰₯6.5) - possible compression

Resource Analysis

β–Ό
Total Resources: 6 (44,734 bytes)
Resource Type Count Total Size Percentage
RT_ICON 5 44,658 bytes
99.8%
RT_GROUP_ICON 1 76 bytes
0.2%

Certificate Chain Analysis

β–Ό
Certificate Information
Verification Status A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signers sindimec.org.br
Certificate Chain Summary
sindimec.org.br #1 Primary
Validity Period: 2026-06-17 06:03:08 β†’ 2027-06-17 06:03:08
Signature Algorithm: sha256RSA
Serial Number: 77 63 D7 63 5E 1D 99 16

βœ“ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

Chain verification from CN=sindimec.org.br, O=MTPwxwFpRb6V, L=nHNMgq, ST=ZPUWidd8Z, C=US (serial:8602956534988511510, sha1:a6208a106d1936b9e2d42de745fc863698a5c780) failed: The X.509 certificate provided is self-signed - "Common Name: sindimec.org.br, Organization: MTPwxwFpRb6V, Locality: nHNMgq, State/Province: ZPUWidd8Z, Country: US"

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. 1
    Weekly Quick Scans: Set a reminder to run a scan every Sunday. Most infections are caught within the first week, so regular checks give you peace of mind.
  2. 2
    Update Everything: Those annoying update popups exist for a reason β€” they patch security holes. Windows, browsers, Adobe, Java β€” keep them all current.
  3. 3
    Download Smart: Stick to official websites and app stores. If a "free" version of paid software sounds too good to be true, it probably comes with unwanted extras.
  4. 4
    Think Before You Click: Malware loves email attachments and "urgent" links. Even if an email looks like it's from your bank or a friend, verify suspicious requests through a different channel.
Proactive Protection
21 security engines flagged this file. Could be a real threat, or could be a false alarm β€” common with keygens, game trainers, and legitimate system utilities. Check if the file has a valid digital signature and whether it came from the official source.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Portal
Signed in via Gridinsoft Portal Β· View profile
Your Score for

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just thatβ€”peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware