Online Virus Checker | v.1.0.179.174 |
DB Version: | 2024-06-18 13:00:22 |
This is a generic detection name used to identify a potentially harmful or suspicious file or program that exhibits characteristics of a Trojan horse. It is malware that disguises itself as a legitimate or benign program but contains malicious code or functions.
File | ep_setup (2).exe |
Checked | 2024-06-18 10:52:38 |
MD5 | f52667d9c8ab6d500d66b7fb10eba3f3 |
SHA1 | 2ac1ed7b58d0bf8c0579fe0b108cd4a9458c6f39 |
SHA256 | 7bee15f947ca11d353fe45e4a732ed13d25fc8be70d8b1fd73094dacdec2939f |
SHA512 | 98f9a0b8f18bdb4422a70e592762fcaf40db0c788fa8ad9ff9af0ded4d08fc7dd247d38dae8aaaa539b7c9aab35fe18600c300f787667e1b8aa80b220e6d2e4e |
Imphash | ea905e26266e3301aa5932fd6dab7ee1 |
File Size | 2575872 bytes |
Gridinsoft has the capability to identify and eliminate Spy.Win64.Gen.tr without requiring further user intervention.
CompanyName | VALINET Solutions SRL |
FileDescription | ExplorerPatcher Setup Program |
FileVersion | 22621.3527.65.1 |
InternalName | ep_setup.exe |
LegalCopyright | Copyright (C) 2006-2024 VALINET Solutions SRL. All rights reserved. |
OriginalFilename | ep_setup.exe |
ProductName | ExplorerPatcher |
ProductVersion | 22621.3527.65.1 |
Translation | 0x0409 0x04b0 |
Image Base: | 0x140000000 |
Entry Point: | 0x140005384 |
Compilation: | 2024-04-25 16:37:35 |
Checksum: | 0x00000000 (Actual: 0x00275d29) |
OS Version: | 6.0 |
PDB Path: | D:\a\ExplorerPatcher\ExplorerPatcher\build\Release\ep_setup.pdb |
PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 7 |
Imports: | KERNEL32, USER32, ADVAPI32, SHELL32, ole32, OLEAUT32, RstrtMgr, VERSION, SHLWAPI, |
Exports: | 4 |
Resources: | 42 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0001b440 | 0x0001b600 | c108f7d96ac8d323bed3fd692b8c13f0 | 6.46 |
.rdata | 0x0001d000 | 0x0000d3ba | 0x0000d400 | 322c54e58d6ecf31fbdaa87e4b917367 | 4.97 |
.data | 0x0002b000 | 0x00001f60 | 0x00000c00 | 820a9f2aa87351630406cc20c8f516ed | 1.94 |
.pdata | 0x0002d000 | 0x00001518 | 0x00001600 | b9636809627487fe6bfde2bfef981f61 | 5.09 |
_RDATA | 0x0002f000 | 0x000001f4 | 0x00000200 | d0aa4922ed6424216162caa029671c8c | 3.65 |
.rsrc | 0x00030000 | 0x00249328 | 0x00249400 | e81a277b841d5ac64c21aaba73adbe93 | 6.04 |
.reloc | 0x0027a000 | 0x000006bc | 0x00000800 | 3b76314b2ac7766314c8ff9167fcc1e8 | 5.04 |