The 0D0B721E-26E6-4EE3-918D-3F71723E46F1_09122025184608627.old (Informaal Software) File Analysis

Technical Analysis

File Name 0D0B721E-26E6-4EE3-918D-3F71723E46F1_09122025184608627.old
File Type Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64, for MS Windows
SSDEEP Hash 24576:/2Ox8uboMRvic+gB8cLlOO5HZ63y+2ppKjoQbb1i:/2Ox8KDRvRTaYlNHZ63y+2ppaoQbU
Scanner Version 1.0.229.174
Database Version 2025-11-18 11:00:20 UTC

Suspicious File Detected

Detected by 27 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
Detection Rate 38%
File Size (bytes) 888,304
Engines Detected 27/72
Analysis Date 2025-11-18

File Identification

Hash Type Value
MD5 6d83bdb4d20bf739e2efbe45591f4f2c
SHA1 f769923ba6ab7c708f6c47e2264d915d276160eb
SHA256 7ba7781eb04769940161b20093492695472a0a3a86b972e0a69345fb6a4e0d35
SHA512 436b1791879386f2c7de7eb7121a6d7e70b77b30015e43de3fd778e75ee202374ee8a218ff16f38156b7f96db5806ad441e98295c2aeab3e86f3bba8d0302d22
ImpHash 806a5dd387894a3d4546964c56eb7cc2

Security Engines with Detections (27 of 72)

Bkav: W64.AIDetectMalware - Malicious
Lionic: Trojan.Win32.GenericFCA.4!c - Malicious
MicroWorld-eScan: Application.GenericFCA.3151 - Malicious
CTX: exe.trojan.genericfca - Malicious
CAT-QuickHeal: Trojan.Ghanarava.17592726071f4f2c - Malicious
ALYac: Application.GenericFCA.3151 - Malicious
CrowdStrike: win/malicious_confidence_60% (W) - Malicious
Symantec: ML.Attribute.HighConfidence - Malicious
Elastic: malicious (high confidence) - Malicious
Paloalto: generic.ml - Malicious
BitDefender: Application.GenericFCA.3151 - Malicious
Emsisoft: Application.GenericFCA.3151 (B) - Malicious
VIPRE: Application.GenericFCA.3151 - Malicious
McAfeeD: ti!7BA7781EB047 - Malicious
Ikarus: Trojan-Downloader.Win64.Agent - Malicious
Webroot: W32.Trojan.Gen - Malicious
Microsoft: Program:Win32/Wacapew.C!ml - Malicious
Arcabit: Application.GenericFCA.DC4F - Malicious
GData: Application.GenericFCA.3151 - Malicious
Google: Detected - Malicious
AhnLab-V3: Trojan/Win.Generic.R712301 - Malicious
DeepInstinct: MALICIOUS - Malicious
Malwarebytes: Trojan.Agent - Malicious
TrellixENS: Artemis!6D83BDB4D20B - Malicious
Fortinet: W32/PossibleThreat - Malicious
AVG: Win64:MalwareX-gen [Misc] - Malicious
Avast: Win64:MalwareX-gen [Misc] - Malicious
45 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 97d89846c7c446fc88dfe789a6cc35b6
Fuzzy: 1787c6ca3ad11c338e2a55ceb8d0bbfb
dHash: c1b2d6d6b2d46136
Image Base 0x140000000
Entry Point 0x1400ad650
Compilation Time 2025-09-12 00:14:29
Checksum 0x000e86f4 (Actual: 0x000e86f4)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path C:\Users\Ethan\Downloads\InformaalRunner-master (1)\InformaalRunner-master\x64\Release\Main.pdb
Digital Signature Chain verification from CN=Informaal, O=Informaal LLC, L=Springfield, ST=Illinois, C=United States (serial:41074049011101601784900468512579457902, sha1:7d42056ffa5312f4be7286b63a30500271761afb) failed: The X.509 certificate provided is self-signed - "Common Name: Informaal, Organization: Informaal LLC, Locality: Springfield, State/Province: Illinois, Country: United States"
Imports 22 libraries
Exports 0 functions
Resources 6 Resources
Sections 6 Sections

Version Information

FileDescription Informaal Software
FileVersion 1.0.0.1
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 710,716 bytes 711,168 bytes 6.53 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 36FE6F69A5FCD477DCF200E19A8523BF
.rdata 0x000af000 132,962 bytes 133,120 bytes 5.92 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ E01439E0807DA5D0157764F3B6F911BA
.data 0x000d0000 4,928 bytes 3,072 bytes 3.26 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE AB68378406EB6F044488ADB3649C2B4E
.pdata 0x000d2000 23,496 bytes 23,552 bytes 5.93 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ C105DDBD66A83AC8F4F784267587BAC0
.rsrc 0x000d8000 5,776 bytes 6,144 bytes 5.77 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ DB83B79E0AE573F3F15F956431999DE1
.reloc 0x000da000 2,172 bytes 2,560 bytes 5.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 9FC354EE5F3F7AE7F794195EB31F6EAD

Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 6 (5,241 bytes)
Resource Type Count Total Size Percentage
AFX_DIALOG_LAYOUT 1 2 bytes 0%
RT_ICON 1 4,264 bytes 81.4%
RT_DIALOG 1 226 bytes 4.3%
RT_GROUP_ICON 1 20 bytes 0.4%
RT_VERSION 1 348 bytes 6.6%
RT_MANIFEST 1 381 bytes 7.3%

Certificate Chain Analysis

Certificate Information
Description Informaal Software
File Version 1.0.0.1
Signing Date 12:14 AM 09/12/2025 (120 days ago)
Verification Status A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signers Informaal
Certificate Chain Summary
Informaal #1 Primary
Validity Period: 2025-03-08 04:07:39 → 2026-03-08 04:27:39
Signature Algorithm: sha256RSA
Serial Number: 1E E6 92 F7 BE 6C 1A 84 45 16 47 B8 64 99 13 6E
DigiCert SHA256 RSA4096 Timestamp Responder 2025 1 #2 Chain
Validity Period: 2025-06-04 00:00:00 → 2036-09-03 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0A 80 EF 18 4B 8D F1 05 82 D1 C4 76 A7 95 74 68
DigiCert Trusted G4 TimeStamping RSA4096 SHA256 2025 CA1 #3 Chain
Validity Period: 2025-05-07 00:00:00 → 2038-01-14 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0D C7 AC 57 05 FF 21 99 2E 40 43 22 0C 3A 49 86
DigiCert Trusted Root G4 #4 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied

Certificate Verification Status

Chain verification from CN=Informaal, O=Informaal LLC, L=Springfield, ST=Illinois, C=United States (serial:41074049011101601784900468512579457902, sha1:7d42056ffa5312f4be7286b63a30500271761afb) failed: The X.509 certificate provided is self-signed - "Common Name: Informaal, Organization: Informaal LLC, Locality: Springfield, State/Province: Illinois, Country: United States"

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection

27 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.
