Gridinsoft Logo
File Icon

The 5c8eb59688c76fe77ec1902abe1bb68a7ab4025c13ef9ad0842460354c3f136f.exe File Analysis

Updated 1 day ago
Checked by Malware Check
5c8eb59688c76fe77ec1902abe1bb68a7ab4025c13ef9ad0842460354c3f136f.exe

Technical Analysis

File Name 5c8eb59688c76fe77ec1902abe1bb68a7ab4025c13ef9ad0842460354c3f136f.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
SSDEEP Hash
24576:OS8s1jrjj49seVI53NdiFdpo0xD2JljX4R:/Fjj4Wt9dExaJy
Scanner Version 1.0.222.174
Database Version 2025-08-07 17:00:31 UTC

Suspicious File Detected

Detected by 16 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
22%
Detection Rate
1,431,552
File Size (bytes)
16/72
Engines Detected
2025-08-07
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
2ba6d75ffc741a85db5b79c402cb5bc8
SHA1
7f0184f83ba1bbd8fc903e2e7e6d8f708b9a1fa5
SHA256
5c8eb59688c76fe77ec1902abe1bb68a7ab4025c13ef9ad0842460354c3f136f
SHA512
48c6ff56c6037aef30683ee4c9edac1bdc96692cead22cb43ee94c1427f49ebf14c9940637a0c68876f36feee6378e40de45936ff3a056a6f1bce3a27e5d7b4c

Security Engines with Detections (16 of 72)

MicroWorld-eScan
Trojan.GenericKD.77039470 Malicious
CTX
exe.unknown.generic Malicious
Cylance
Unsafe Malicious
VIPRE
Trojan.GenericKD.77039470 Malicious
CrowdStrike
win/malicious_confidence_90% (W) Malicious
APEX
Malicious Malicious
BitDefender
Trojan.GenericKD.77039470 Malicious
Emsisoft
Trojan.GenericKD.77039470 (B) Malicious
McAfeeD
ti!5C8EB59688C7 Malicious
Sophos
Generic ML PUA (PUA) Malicious
Microsoft
Trojan:Win32/Wacatac.B!ml Malicious
GData
Trojan.GenericKD.77039470 Malicious
Cynet
Malicious (score: 100) Malicious
Malwarebytes
Malware.Heuristic.2044 Malicious
TrellixENS
Artemis!2BA6D75FFC74 Malicious
DeepInstinct
MALICIOUS Malicious
56 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: ab244c31e92fb111a4bc3b30194386a5
Fuzzy: 0413b16e5a19221d3a1ec6b20bca4688
dHash: 64e4d4d4ecf4d4d4
Image Base 0x00400000
Entry Point 0x00401000
Compilation Time 1970-01-01 00:00:00
Checksum 0x0015eabf (Actual: 0x0015eabf)
OS Version 4.0
PEiD Signatures PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 0
Exports 0 functions
Resources 6 Resources
Sections 5 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 1,394,088 bytes 1,394,176 bytes 6.92 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_16BYTES 7F245C9BC30AB1AFD1C1D7990DC2B429
.rdata 0x00156000 52 bytes 512 bytes 0.92 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_16BYTES 85C07D11139B675E514284BF181B03E1
.bss 0x00157000 432 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_16BYTES D41D8CD98F00B204E9800998ECF8427E
.idata 0x00158000 20 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_4BYTES BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x00159000 34,848 bytes 35,328 bytes 3.75 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_4BYTES A7766F777A4804A5E987E2EBD349F951
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 6 (34,484 bytes)
Resource Type Count Total Size Percentage
RT_ICON 5 34,408 bytes
99.8%
RT_GROUP_ICON 1 76 bytes
0.2%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
16 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware