Gridinsoft Logo

Netflix mail access checker v2024.exe Trojan Heuristic Analysis

Updated 1 year ago
Checked by Malaware Check
Netflix mail access checker v2024.exe

Technical Analysis

File Name Netflix mail access checker v2024.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.173.174
Database Version 2024-04-27 07:00:20 UTC

Trojan.Heur!.022120A1

Malware family: Heuristic

Heuristic detection uses behavioral analysis and pattern recognition to identify potential threats without specific signatures. This proactive approach detects suspicious code behavior that may indicate malware presence. Detection may occasionally produce false positives when legitimate software exhibits similar behavioral patterns.
N/A
Detection Rate
13,728,768
File Size (bytes)
2024-04-27
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
95f7a7d1658b372cbcbd6cc1ef91bef9
SHA1
180182eef4ac2baaa0d773aeb59aec022a3d34cc
SHA256
841d63d65e18b16579ff539e49ea437ef27c488d52d463b0105cdd4b19d2ea37
SHA512
26bc67b7665bb2423e765249caf7ab7a0634af699335568d5b19732a149560d9b77bc586477c12bacc66cf382a1e80b9846e6fe05d9e9315e66f88e438d4c095
ImpHash
90a754824211c648b161e0e146d30cbf

PE Analysis

Basic Information

Image Base 0x00400000
Entry Point 0x01600ab8
Compilation Time 2024-04-06 08:30:20
Checksum 0x00000000 (Actual: 0x00d22348)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature The PE file does not contain a certificate table.
Imports 2 libraries
ole32, KERNEL32
Exports 0 functions
Resources 0 Resources
Sections 8 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 164,724 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ D41D8CD98F00B204E9800998ECF8427E
.rdata 0x0002a000 61,116 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D41D8CD98F00B204E9800998ECF8427E
.data 0x00039000 12,436 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.cSs 0x0003d000 2,110,552 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.b@( 0x00241000 6,287,611 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ D41D8CD98F00B204E9800998ECF8427E
.DK, 0x00841000 1,252 bytes 1,536 bytes 0.24 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 497A4E0E8831EA4B0C8FCA08A5DC446D
.cqD 0x00842000 13,723,152 bytes 13,723,648 bytes 7.95 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6C79FC5B54748A8D27FE4BF5C999C8F0
.reloc 0x01559000 2,248 bytes 2,560 bytes 4.09 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ D3AE75852AA88ACAD2DDC29F4653E773
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Trojan.Heur!.022120A1 Removal

Gridinsoft has the capability to identify and eliminate Trojan.Heur!.022120A1 without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware