Gridinsoft Logo

The payload.bin File Analysis

Updated 1 year ago
Checked by Malware Check
payload.bin

Technical Analysis

File Name payload.bin
File Type
Win32 EXE
Magic Bytes PE32+ executable (console) x86-64, for MS Windows
SSDEEP Hash
1536:VKC+5WzRHU53rHWZEnOkik1SDnB1mxr4fM6eKXBwLsy1ETqfvu+P4Rtsj5o:VKX5iZUmEOk3gDB5MRKXBwLs/
Scanner Version 1.0.138.174
Database Version 2023-09-15 06:02:22 UTC

Suspicious File Detected

Detected by 28 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
39%
Detection Rate
77,824
File Size (bytes)
28/71
Engines Detected
2023-09-15
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
58ca9c35b1bbbac21b65a45f0d5cdf0a
SHA1
af82e16cb670913ea4835009c35a6a4b73805a9f
SHA256
6d9024ab15ec3a4a528bca612f0fb3baf766980103db6477d01f905c08a38910
SHA512
1487d175417cbf38059d055f57cd423f9408b839649402b6be192dac1a814dc46dc2a75a00e81281d9ce68c0a5ce9af169987773b9f1c2653773aa44605cdd84

Security Engines with Detections (28 of 71)

Bkav
W32.AIDetectMalware.64 Malicious
MicroWorld-eScan
Generic.ShellCode.Donut.Marte.2.8BC4EA5C Malicious
ClamAV
Win.Dropper.TrickBot-10007885-0 Malicious
FireEye
Generic.mg.58ca9c35b1bbbac2 Malicious
ALYac
Generic.ShellCode.Donut.Marte.2.8BC4EA5C Malicious
Cylance
unsafe Malicious
VIPRE
Generic.ShellCode.Donut.Marte.2.8BC4EA5C Malicious
CrowdStrike
win/malicious_confidence_90% (D) Malicious
Arcabit
Generic.ShellCode.Donut.Marte.2.8BC4EA5C Malicious
Symantec
ML.Attribute.HighConfidence Malicious
Elastic
Windows.Trojan.Donutloader Malicious
APEX
Malicious Malicious
Cynet
Malicious (score: 100) Malicious
Kaspersky
HEUR:Trojan.Win64.Donut.a Malicious
BitDefender
Generic.ShellCode.Donut.Marte.2.8BC4EA5C Malicious
Avast
Win32:Agent-BCVC [Trj] Malicious
Emsisoft
Generic.ShellCode.Donut.Marte.2.8BC4EA5C (B) Malicious
Trapmine
suspicious.low.ml.score Malicious
Antiy-AVL
Trojan/Win32.Wacatac Malicious
Microsoft
Backdoor:MSIL/AsyncRAT.N!MTB Malicious
ZoneAlarm
HEUR:Trojan.Win64.Donut.a Malicious
GData
Generic.ShellCode.Donut.Marte.2.8BC4EA5C Malicious
Google
Detected Malicious
MAX
malware (ai score=82) Malicious
Rising
Trojan.DonutLoader!1.E39F (CLASSIC) Malicious
AVG
Win32:Agent-BCVC [Trj] Malicious
Cybereason
malicious.cb6709 Malicious
DeepInstinct
MALICIOUS Malicious
43 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x140001000
Compilation Time 2020-10-04 22:21:39
Checksum 0x00000000 (Actual: 0x00021fa6)
OS Version 5.2
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
Digital Signature The PE file does not contain a certificate table.
Imports 0
Exports 0 functions
Resources 0 Resources
Sections 1 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 77,824 bytes 77,312 bytes 7.38 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE F358F93CF7569D1586DF9AD597FB4DFC
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
28 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware