Gridinsoft Logo

The steamclient_loader_x32.exe (GSE) File Analysis

Updated 2 months ago
Checked by Malware Check
steamclient_loader_x32.exe

Technical Analysis

File Name steamclient_loader_x32.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
6144:J26GcRR8Z+IognNyC7yPLZ12Q7Eh9dl5X1TfezEqO3yTTmxUcGfZcIVfYGL:J26GcRR8Z+IognUCsKIEh9dl5lTfHqOM
Scanner Version 1.0.228.174
Database Version 2025-11-04 16:00:29 UTC

Suspicious File Detected

Detected by 25 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
35%
Detection Rate
286,120
File Size (bytes)
25/72
Engines Detected
2025-11-04
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
c038088e9f0b504eaf45f6ace8258655
SHA1
c80a6b64fedd23300068e678a0730730c4716f3a
SHA256
7722b8139b3ab69e7bb729fbfaf9dbdc8beb94616a0a6b1a76c9d4e8eda3db8c
SHA512
a7e5579f9ae7deca9bc6e0e64ed4bb88e634cd77e790fcde7b5ae6594c7eca23f245da3a0012e9961ea8a74eec6d05ae3cb51471aaff6a1fad11aa926ab0944b
ImpHash
6f93b94da842f0326107e4d0e36477b6

Security Engines with Detections (25 of 72)

Lionic
Trojan.Win32.Generic.4!c Malicious
MicroWorld-eScan
Gen:Trojan.Heur.TP.ry1@baut6dfi Malicious
CTX
exe.trojan.generic Malicious
CAT-QuickHeal
Trojan.Ghanarava.1756071351258655 Malicious
ALYac
Gen:Trojan.Heur.TP.ry1@baut6dfi Malicious
Cylance
Unsafe Malicious
VIPRE
Gen:Trojan.Heur.TP.ry1@baut6dfi Malicious
Sangfor
Trojan.Win32.Agent.Vug5 Malicious
CrowdStrike
win/malicious_confidence_60% (W) Malicious
TrendMicro-HouseCall
TROJ_GEN.R002H09H825 Malicious
Paloalto
generic.ml Malicious
BitDefender
Gen:Trojan.Heur.TP.ry1@baut6dfi Malicious
Emsisoft
Gen:Trojan.Heur.TP.ry1@baut6dfi (B) Malicious
McAfeeD
ti!7722B8139B3A Malicious
Trapmine
malicious.moderate.ml.score Malicious
Webroot
W32.Malware.Gen Malicious
Microsoft
Program:Win32/Wacapew.C!ml Malicious
Arcabit
Trojan.Heur.TP.ED36C0 Malicious
ViRobot
Trojan.Win.Z.Agent.286120.A Malicious
GData
Gen:Trojan.Heur.TP.ry1@baut6dfi Malicious
Malwarebytes
Generic.Malware/Suspicious Malicious
TrellixENS
Artemis!C038088E9F0B Malicious
MaxSecure
Trojan.Malware.409173070.susgen Malicious
Fortinet
W32/PossibleThreat Malicious
DeepInstinct
MALICIOUS Malicious
47 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x00400000
Entry Point 0x004180a5
Compilation Time 2025-08-06 17:11:48
Checksum 0x0005249c (Actual: 0x0005249c)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature Chain verification from C=UK, O=GSE, OU=GSE, CN=GSE (serial:211027173489245574460077671294956507972744638520, sha1:d1a9b9c0cde8e45e32e9e4444d1b3183e5efa016) failed: The X.509 certificate provided is self-signed - "Common Name: GSE, Organizational Unit: GSE, Organization: GSE, Country: UK"
Imports 3 libraries
USER32, KERNEL32, ADVAPI32
Exports 0 functions
Resources 4 Resources
Sections 6 Sections

Version Information

LegalCopyright Copyright (C) 2021 GSE
InternalName GSE (win32)
FileVersion 08.56.38.63
CompanyName GSE
ProductVersion 01.00.00.02
FileDescription GSE
Source Control ID 8563863
OriginalFilename steam.exe
ProductName GSE
Translation 0x0409 0x04b0
CompanyName GSE
FileDescription GSE
FileVersion 1, 0, 0, 2
InternalName GSE
LegalCopyright Copyright (C) 2021 GSE
OriginalFilename steam.exe
ProductName GSE
ProductVersion 1, 0, 0, 2
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 198,732 bytes 199,168 bytes 6.56 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 373F333641BB08EEA97AB241E3D2627F
.rdata 0x00032000 63,326 bytes 63,488 bytes 5.10 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ BDA9ACB24C60D7F08654486CACE50824
.data 0x00042000 173,248 bytes 5,632 bytes 3.30 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 26D84A7FA07D31C44D909149446DC077
.fptable 0x0006d000 128 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x0006e000 2,072 bytes 2,560 bytes 3.40 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ BEB2786E8F475A5791156EB04B7721EA
.reloc 0x0006f000 11,120 bytes 11,264 bytes 6.62 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 95F7469028206B0E45D4EB56BE81891A
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 4 (1,760 bytes)
Resource Type Count Total Size Percentage
SCID 1 7 bytes
0.4%
RT_VERSION 2 1,372 bytes
78%
RT_MANIFEST 1 381 bytes
21.6%

Certificate Chain Analysis

Certificate Information
Product GSE
Description GSE
File Version 08.56.38.63
Original Name steam.exe
Verification Status A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signers GSE
Internal Name GSE (win32)
Copyright Copyright (C) 2021 GSE
Certificate Chain Summary
GSE #1 Primary
Validity Period: 2025-08-06 17:11:49 → 2040-09-21 17:11:49
Signature Algorithm: sha256RSA
Serial Number: 24 F6 C9 25 C4 39 D4 83 D5 75 79 9A 34 7D 59 AB 83 7D F0 38

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

Chain verification from C=UK, O=GSE, OU=GSE, CN=GSE (serial:211027173489245574460077671294956507972744638520, sha1:d1a9b9c0cde8e45e32e9e4444d1b3183e5efa016) failed: The X.509 certificate provided is self-signed - "Common Name: GSE, Organizational Unit: GSE, Organization: GSE, Country: UK"

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
25 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware