The sv_pureLevelBypass.exe File Analysis

Updated 3 days ago

Checked by Malware Check

sv_pureLevelBypass.exe

Technical Analysis

File Name	sv_pureLevelBypass.exe
File Type	Win32 EXE
Magic Bytes	`PE32+ executable (console) x86-64, for MS Windows`
SSDEEP Hash	6144:S+KNCcpbSuzWYZph0lhSMXlBXBWnW7EP:+NCcpbS8jZph0lhSMXliW
Scanner Version	1.0.223.174
Database Version	2025-08-19 13:00:25 UTC

⚠

Suspicious File Detected

Detected by 13 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

18%

Detection Rate

211,456

File Size (bytes)

13/72

Engines Detected

2025-08-19

Analysis Date

Scan Another File

File Identification

Hash Type	Value	Action
MD5	2c29e04514b906b53f8f3c0a99fc6de5
SHA1	0879496d2f9f38926de867957f41d0cdedc62ba4
SHA256	694e29d55032c7f303684ae4e869000a69d08551536f9a6906dc73a5a8b2868a
SHA512	d92714a05dfec74b96d2a1a3047971e0a24056ee788fe06002f57bf62511411dd3565474c44dafe0b401e94eb2e386b76418f0e117553cf0d5046a6e5b1e959e
ImpHash	853ca5f9e8bf25047d4c028b283cbf5f

Security Engines with Detections (13 of 72)

Bkav

W64.AIDetectMalware Malicious

CAT-QuickHeal

Trojan.Ghanarava.1746605300fc6de5 Malicious

CrowdStrike

win/malicious_confidence_70% (W) Malicious

Symantec

ML.Attribute.HighConfidence Malicious

APEX

Malicious Malicious

Paloalto

generic.ml Malicious

McAfeeD

ti!694E29D55032 Malicious

Antiy-AVL

Trojan/Win32.Agent Malicious

Panda

Trj/Chgt.AD Malicious

Rising

[email protected] (RDML:1RcidWTToYRFKtblnerHFA) Malicious

TrellixENS

Artemis!2C29E04514B9 Malicious

MaxSecure

Trojan.Malware.317832575.susgen Malicious

DeepInstinct

MALICIOUS Malicious

59 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

▼

Image Base	`0x140000000`
Entry Point	`0x14000db68`
Compilation Time	2024-06-05 14:15:28
Checksum	0x00000000 (Actual: 0x0003c043)
OS Version	6.0
PEiD Signatures	`PE32+ executable (console) x86-64, for MS Windows`
PDB Path	`C:\Users\Francja\source\repos\sv_pureLevelBypass\x64\Release\sv_pureLevelBypass.pdb`
Digital Signature	No valid SignedData structure was found.
Imports	10 libraries KERNEL32, USER32, MSVCP140, VCRUNTIME140, VCRUNTIME140_1, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-math-l1-1-0, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-locale-l1-1-0
Exports	0 functions
Resources	1 Resources
Sections	6 Sections

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	55,379 bytes	55,808 bytes	6.51 (Compressed)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`6632CB0532F9314A70DED054E3F92117`
`.rdata`	`0x0000f000`	150,166 bytes	150,528 bytes	6.69 (Compressed)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`A8C8AEAB0815DCCD4A22273CD13CB340`
`.data`	`0x00034000`	2,408 bytes	1,024 bytes	3.56 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`F6D309CAF4E0A0903365C0D7A9283A08`
`.pdata`	`0x00035000`	1,860 bytes	2,048 bytes	4.45 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`10089C00DA1C1829E348782ABA1E3D73`
`.rsrc`	`0x00036000`	480 bytes	512 bytes	4.71 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`4C0974F46496B0DC7164575AF8F9B24D`
`.reloc`	`0x00037000`	172 bytes	512 bytes	2.21 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ`	`1869F57651CB608BD45014A9BF9DAC5B`

Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

▼

Total Resources: 1 (381 bytes)

Resource Type	Count	Total Size	Percentage
RT_MANIFEST	1	381 bytes	100%

Certificate Chain Analysis

▼

No Digital Signatures

This file is not digitally signed.

Security Implications:

Cannot verify the publisher's identity
Increased security risk when running this file
May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection

13 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for

5 4 3 2 1