Gridinsoft Logo

The test.dll File Analysis

Technical Analysis

File Name test.dll
File Type
Win32 DLL
Magic Bytes PE32+ executable (DLL) (console) x86-64, for MS Windows
SSDEEP Hash
1536:BiHhVhgorZFDdBrdx56x2gB9TDcL/7yJtxFKHwNXZHKVDXWDKcQeQ4Q5bj2Kr645:0HThgwXL7mKHwp9KVDXW6/56487A
Scanner Version 1.0.167.174
Database Version 2024-02-23 05:00:24 UTC

Suspicious File Detected

Detected by 21 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

Lazy is a Trojan designed to download and install additional malware payloads on infected systems while operating with stealth techniques.
30%
Detection Rate
125,440
File Size (bytes)
21/70
Engines Detected
2024-02-23
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
16f42b5f2989cfdc3c042a595a145b72
SHA1
f5f0dfe17b3c5426f20a9ed98390aef7681f5030
SHA256
73bd3a18cb5770bc43e2b8b5caf0c67e145e3bd1150b118200613335b52b7e6f
SHA512
31f744c5ee8782e11c48c4daef1d97d235d72468f186fe77668fd537a04eaac74635ca42b955c9d10ac72bd0329245d621eb559c96f3e7e5de09a08bbb93e903
ImpHash
7f29b44bae18c2cac761da7e31440a9d

Security Engines with Detections (21 of 70)

MicroWorld-eScan
Gen:Variant.Lazy.474957 Malicious
FireEye
Gen:Variant.Lazy.474957 Malicious
Skyhigh
Artemis!Trojan Malicious
McAfee
Artemis!16F42B5F2989 Malicious
Cylance
unsafe Malicious
Symantec
Trojan.Gen.MBT Malicious
ESET-NOD32
a variant of Win64/GameHack_AGen.UW potentially unsafe Malicious
BitDefender
Gen:Variant.Lazy.474957 Malicious
Sophos
Generic Reputation PUA (PUA) Malicious
Google
Detected Malicious
VIPRE
Gen:Variant.Lazy.474957 Malicious
Emsisoft
Gen:Variant.Lazy.474957 (B) Malicious
GData
Gen:Variant.Lazy.474957 Malicious
Arcabit
Trojan.Lazy.D73F4D Malicious
Microsoft
Trojan:Win32/Phonzy.B!ml Malicious
Cynet
Malicious (score: 100) Malicious
ALYac
Gen:Variant.Lazy.474957 Malicious
MAX
malware (ai score=83) Malicious
Rising
PUA.GameHack!8.223 (CLOUD) Malicious
Ikarus
Trojan.Win32.Generic Malicious
DeepInstinct
MALICIOUS Malicious
49 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x180000000
Entry Point 0x180018138
Compilation Time 2024-02-15 23:03:41
Checksum 0x00000000 (Actual: 0x0001f03a)
OS Version 6.0
PEiD Signatures PE32+ executable (DLL) (console) x86-64, for MS Windows
PDB Path C:\Users\iiwms\Downloads\ClaxsPastedInternal\ClaxsPastedInternal\x64\Release\UnrealEngine.pdb
Digital Signature The PE file does not contain a certificate table.
Imports 6 libraries
VCRUNTIME140_1, VCRUNTIME140, api-ms-win-crt-math-l1-1-0, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-heap-l1-1-0, KERNEL32
Exports 0 functions
Resources 1 Resources
Sections 6 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 101,248 bytes 101,376 bytes 6.28 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 28979110CE817107FB98FB037C0B5995
.rdata 0x0001a000 18,622 bytes 18,944 bytes 4.81 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 2AE769FBD584A04872313EE5A1E2F287
.data 0x0001f000 4,120 bytes 512 bytes 2.36 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 24FBE608025E2428BB9E4AA7D9103023
.pdata 0x00021000 2,544 bytes 2,560 bytes 4.90 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F9FC4326AA5CEF2647590144E5440D7F
.rsrc 0x00022000 248 bytes 512 bytes 2.52 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ AD8B553D26B69E119B80C978E651A6E2
.reloc 0x00023000 100 bytes 512 bytes 1.32 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 5465E375FEE8354ACC962C0F94387DC9

Resource Analysis

Total Resources: 1 (145 bytes)
Resource Type Count Total Size Percentage
RT_MANIFEST 1 145 bytes
100%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
21 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware