| File Name | ROAM0120backup2.exe.infected |
| File Type |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| Scanner Version | 1.0.231.174 |
| Database Version | 2025-12-22 01:00:26 UTC |
No threats detected by our scanner
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
a769e499ca0b29d7413807ef4c17dadf
|
|
| SHA1 |
772638bf18a04ebf80f408351b3d851a667d4d29
|
|
| SHA256 |
868e95fd2959090ec0fbba516d9d3df6ca284ec880f4cc98a0d87444f766ae98
|
|
| SHA512 |
cc68cbff436eb7a14322f3692b0fdd946fc7078a02481d6fd0f1b5a34856fcdc269e5078ea4d0a98bdb0cd5034354c11b554d4bb49df60ce9f582e64fc02fee0
|
|
| ImpHash |
9b2d98ab451b0bc34ac867ac83f5ab51
|
| Icon |
Hash: 4a687d54f3075c5aedf619a86697d34d
Fuzzy: 3ce8f520af315c9610e8a83113b2df44 dHash: 8671cc868ecc3184 |
| Image Base | 0x00400000 |
| Entry Point | 0x006b8609 |
| Compilation Time | 2018-10-04 11:49:21 |
| Checksum | 0x00442a36 (Actual: 0x0049f431) |
| OS Version | 5.0 |
| PEiD Signatures |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| PDB Path | c:\hudson\GMBase\GMGreen\GameMaker\Runner\VC_Runner\Release\Runner.pdb |
| Digital Signature | No valid SignedData structure was found. |
| Imports | 16 libraries |
| Exports | 0 functions |
| Resources | 37 Resources |
| Sections | 5 Sections |
| CompanyName | Plates |
| FileDescription | 0120 0120 0120 0120 |
| FileVersion | 1.0.0.5 |
| InternalName | GameMaker:Studio Windows C++ Runner |
| LegalCopyright | |
| PrivateBuild | 01.00.00.00 |
| ProductName | Roam incident |
| ProductVersion | 1.0.0.5 |
| Translation | 0x0809 0x04b0 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
3,062,049 bytes | 3,062,272 bytes | 6.69 (Compressed) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
0C038D02D030072674A77EDC1D8D8FD4 |
.rdata |
0x002ed000 |
921,920 bytes | 922,112 bytes | 5.57 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
FCD070FF8E4F36AAA6D5FB83D58EE89A |
.data |
0x003cf000 |
2,759,620 bytes | 309,760 bytes | 5.76 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
C94F6880134E1906895DE614463D7D82 |
.mydata |
0x00671000 |
8 bytes | 512 bytes | 0.02 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
5B71E4C27591CCB21954D71D656B28FB |
.rsrc |
0x00672000 |
516,392 bytes | 516,608 bytes | 2.33 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A01DE57255DCE313D859A1BB2944A13C |
1 section(s) with elevated entropy (≥6.5) - possible compression
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| GIF | 15 | 77,610 bytes | |
| RT_ICON | 9 | 431,052 bytes | |
| RT_DIALOG | 9 | 1,690 bytes | |
| RT_STRING | 1 | 448 bytes | |
| RT_GROUP_ICON | 1 | 132 bytes | |
| RT_VERSION | 1 | 2,332 bytes | |
| RT_MANIFEST | 1 | 969 bytes |
| Product | Roam incident |
| Description | 0120 0120 0120 0120 |
| File Version | 1.0.0.5 |
| Internal Name | GameMaker:Studio Windows C++ Runner |
✓ This file has been digitally signed and the certificate chain has been verified
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:
Download Anti-MalwareThis file appears clean, but regular security maintenance is important
Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware
Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!
