Gridinsoft Logo

Ep_setup (2).exe Stealer Gen Analysis

Stealer Gen
Updated on 2024-06-18 (4 months ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.179.174
DB Version: 2024-06-18 13:00:22

Spy.Win64.Gen.tr

This is a generic detection name used to identify a potentially harmful or suspicious file or program that exhibits characteristics of a Trojan horse. It is malware that disguises itself as a legitimate or benign program but contains malicious code or functions.

File ep_setup (2).exe
Checked 2024-06-18 10:52:38
MD5 f52667d9c8ab6d500d66b7fb10eba3f3
SHA1 2ac1ed7b58d0bf8c0579fe0b108cd4a9458c6f39
SHA256 7bee15f947ca11d353fe45e4a732ed13d25fc8be70d8b1fd73094dacdec2939f
SHA512 98f9a0b8f18bdb4422a70e592762fcaf40db0c788fa8ad9ff9af0ded4d08fc7dd247d38dae8aaaa539b7c9aab35fe18600c300f787667e1b8aa80b220e6d2e4e
Imphash ea905e26266e3301aa5932fd6dab7ee1
File Size 2575872 bytes

Spy.Win64.Gen.tr Removal

Spy.Win64.Gen.tr Removal

Gridinsoft has the capability to identify and eliminate Spy.Win64.Gen.tr without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

CompanyName VALINET Solutions SRL
FileDescription ExplorerPatcher Setup Program
FileVersion 22621.3527.65.1
InternalName ep_setup.exe
LegalCopyright Copyright (C) 2006-2024 VALINET Solutions SRL. All rights reserved.
OriginalFilename ep_setup.exe
ProductName ExplorerPatcher
ProductVersion 22621.3527.65.1
Translation 0x0409 0x04b0

Portable Executable Info

Image Base: 0x140000000
Entry Point: 0x140005384
Compilation: 2024-04-25 16:37:35
Checksum: 0x00000000 (Actual: 0x00275d29)
OS Version: 6.0
PDB Path: D:\a\ExplorerPatcher\ExplorerPatcher\build\Release\ep_setup.pdb
PEiD: PE32+ executable (GUI) x86-64, for MS Windows
Sign: The PE file does not contain a certificate table.
Sections: 7
Imports: KERNEL32, USER32, ADVAPI32, SHELL32, ole32, OLEAUT32, RstrtMgr, VERSION, SHLWAPI,
Exports: 4
Resources: 42

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x0001b440 0x0001b600 c108f7d96ac8d323bed3fd692b8c13f0 6.46
.rdata 0x0001d000 0x0000d3ba 0x0000d400 322c54e58d6ecf31fbdaa87e4b917367 4.97
.data 0x0002b000 0x00001f60 0x00000c00 820a9f2aa87351630406cc20c8f516ed 1.94
.pdata 0x0002d000 0x00001518 0x00001600 b9636809627487fe6bfde2bfef981f61 5.09
_RDATA 0x0002f000 0x000001f4 0x00000200 d0aa4922ed6424216162caa029671c8c 3.65
.rsrc 0x00030000 0x00249328 0x00249400 e81a277b841d5ac64c21aaba73adbe93 6.04
.reloc 0x0027a000 0x000006bc 0x00000800 3b76314b2ac7766314c8ff9167fcc1e8 5.04

Leave a comment *

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware