Gridinsoft Logo
File Icon

The ai_generator_sora.exe (Generation video from text) File Analysis

Updated 11 months ago
Checked by Malware Check
ai_generator_sora.exe

Technical Analysis

File Name ai_generator_sora.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64, for MS Windows
SSDEEP Hash
393216:W1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYf/:WMguj8Q4VfvxqFTrYe
Scanner Version 1.0.184.174
Database Version 2024-08-07 23:00:15 UTC

Suspicious File Detected

Detected by 6 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
8%
Detection Rate
37,890,456
File Size (bytes)
6/75
Engines Detected
2024-08-07
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
490865d4972e16ed7a46407af7cfc44c
SHA1
35d1831dfa1d96042238595d71d69f539acadba1
SHA256
73fd02a8b1bdc0b24969a8fbc40471e3cc531d77711cd74ec4358f86b1285c4a
SHA512
08e109b332c842bdfc712c8ab0124471dbddc2ef9d41ea0937b651af0741811cd52c617dfbee2666032dd0870bcde02dffb007b00ec19fdf89fdc0aeaacc62a8
ImpHash
4d0fb8dc9ee470058274f448bebbb85f

Security Engines with Detections (6 of 75)

ESET-NOD32
a variant of Win32/GenCBL.FFK Malicious
Ikarus
Win32.Outbreak Malicious
Webroot
W32.Trojan.Gen Malicious
Microsoft
Trojan:Win32/Wacatac.B!ml Malicious
Google
Detected Malicious
VBA32
TrojanPSW.RedLine Malicious
69 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: f26da5f0bf4ea26eacbc7db99c6230ea
Fuzzy: e9bcb894147631730aff7cd80cb751a4
dHash: 05b279697961314d
Image Base 0x140000000
Entry Point 0x14125e198
Compilation Time 2022-07-08 23:42:38
Checksum 0x0242c901 (Actual: 0x0242c901)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path C:\Users\runneradmin\AppData\Local\Temp\pkg.24e0b2b2d51e47b9dba34c30\node\out\Release\node.pdb
Digital Signature OK
Imports 11 libraries
Exports 17255 functions
Resources 6 Resources
Sections 7 Sections

Version Information

CompanyName Node.js
ProductName Creating video from text
FileDescription Generation video from text
FileVersion 1.1.9.0
ProductVersion 1.1.9.0
LegalCopyright Sora
OriginalFilename Sora.exe
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 19,570,560 bytes 19,570,688 bytes 6.46 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ A68BF38C27F1C9777E7256DBF52A2E32
.rdata 0x012ab000 16,669,688 bytes 16,669,696 bytes 6.21 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3D04457829DB3D1D1ED3FAA5A7C86EF1
.data 0x02291000 2,983,884 bytes 141,312 bytes 3.86 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE EC94C9183EEEA0A1DEE0F4E89CA6F8D7
.pdata 0x0256a000 917,196 bytes 917,504 bytes 6.80 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 9E7C8D93702D4532DB1795A99911A4B0
_RDATA 0x0264a000 244 bytes 512 bytes 2.91 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ ECB4BBE56E47C45A2388A28F6B547D3A
.rsrc 0x0264b000 13,888 bytes 142,336 bytes 3.44 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ C102DE7E0BA5A5EB5A5A318C8572CCBB
.reloc 0x0264f000 131,572 bytes 131,584 bytes 5.49 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ D5809755CA5D408E8A1E4C3932B51246
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 6 (13,483 bytes)
Resource Type Count Total Size Percentage
RT_ICON 3 11,960 bytes
88.7%
RT_GROUP_ICON 1 48 bytes
0.4%
RT_VERSION 1 656 bytes
4.9%
RT_MANIFEST 1 819 bytes
6.1%

Certificate Chain Analysis

Certificate Information
Product Creating video from text
Description Generation video from text
File Version 1.1.9.0
Original Name Sora.exe
Signing Date 08:01 PM 08/03/2024 (343 days ago)
Verification Status Signed
Signers TIMBER DIGITAL LIMITED; SSL.com EV Code Signing Intermediate CA RSA R3; SSL.com EV Root Certification Authority RSA R2
Counter Signers SSL.com Timestamping Unit 2024 E1; SSL.com Timestamping Issuing RSA CA R1; SSL.com Root Certification Authority RSA
Copyright Sora
Certificate Chain Summary
SSL.com EV Root Certification Authority RSA R2 #1 Primary
Validity Period: 2017-05-31 18:14:37 → 2042-05-30 18:14:37
Signature Algorithm: sha256RSA
Serial Number: 56 B6 29 CD 34 BC 78 F6
SSL.com EV Code Signing Intermediate CA RSA R3 #2 Chain
Validity Period: 2019-03-26 17:44:23 → 2034-03-22 17:44:23
Signature Algorithm: sha256RSA
Serial Number: 42 4B 6A 53 CE C7 66 14 1C 2A 63 B1 A5 1C 41 04
TIMBER DIGITAL LIMITED #3 Chain
Validity Period: 2024-07-19 14:19:08 → 2025-07-19 14:19:08
Signature Algorithm: sha256RSA
Serial Number: 53 EC 0C C4 8C 77 C3 3E EC 15 ED 3B 7D D4 4A 8E
SSL.com Timestamping Unit 2024 E1 #4 Chain
Validity Period: 2024-02-19 16:18:19 → 2034-02-16 16:18:18
Signature Algorithm: sha256RSA
Serial Number: 5A 5A AC E8 1A 35 6E B4 62 86 8D 57 7D E0 3D C7
SSL.com Timestamping Issuing RSA CA R1 #5 Chain
Validity Period: 2019-11-13 18:50:05 → 2034-11-12 18:50:05
Signature Algorithm: sha256RSA
Serial Number: 6D 52 18 70 87 E8 23 4D 85 60 00 D0 80 8F 93 56

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
6 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Community Comments (1)

ME
Me

Aug 07, 2024

what it does ? what files and registries are modified and how ? this software was downloaded from facebook via fake SORA ads.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware