File Name | QuantV_Install.exe |
File Type | PE32+ executable (console) x86-64, for MS Windows |
Scanner Version | 1.0.222.174 |
Database Version | 2025-08-02 21:00:20 UTC |
Malware family: Agent
Hash Type | Value |
---|---|
MD5 | c7e8bc52072fceae17e1e0e51ad7c7e1 |
SHA1 | 82140beb419de0dd798401f99284f9f69be6a662 |
SHA256 | 89b87ee6778b2c3349c1a18d6f4e75b8c29031695460d452fb4fbe5add6f3902 |
SHA512 | acd0300ad6207d666813239a762020cba433c85ef2a49d861e8d7b61f42cca9cb65e1b43a176438791edc2fbbb6257e70664b87a1403aebcc09d1c8246b512c0 |
ImpHash | d42595b695fc008ef2c56aabd8efd68e |
Image Base | 0x00400000 |
Entry Point | 0x004775e0 |
Compilation Time | 1970-01-01 00:00:00 |
Checksum | 0x00000000 (Actual: 0x0081cb9f) |
OS Version | 6.1 |
PEiD Signatures | PE32+ executable (console) x86-64, for MS Windows |
Digital Signature | No valid SignedData structure was found. |
Imports | 1 library: kernel32 |
Exports | 0 functions |
Resources | 0 Resources |
Sections | 15 Sections |
Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
---|---|---|---|---|---|---|
.text | 0x00001000 | 2,625,745 bytes | 2,626,048 bytes | 6.21 (Normal) | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ | 87C7759C8A3E4D199680F7A45EDF1D43 |
.rdata | 0x00283000 | 2,775,480 bytes | 2,775,552 bytes | 5.53 (Normal) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 5649720F0F6C094642DB921CCB20C565 |
.data | 0x00529000 | 655,280 bytes | 305,152 bytes | 6.26 (Normal) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | F6B241E9CB87D3DA8360DF401A963870 |
.pdata | 0x005c9000 | 60,264 bytes | 60,416 bytes | 5.48 (Normal) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | CA9D57A9E98A71FA9896C795BAE10197 |
.xdata | 0x005d8000 | 180 bytes | 512 bytes | 1.78 (Normal) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 1F0B77C93CC5480943D8EF623BD62683 |
/4 | 0x005d9000 | 331 bytes | 512 bytes | 5.58 (Normal) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ, IMAGE_SCN_ALIGN_1BYTES | 523EAECD9190DFD8860C76496FE54D39 |
/19 | 0x005da000 | 478,306 bytes | 478,720 bytes | 8.00 (Packed/Encrypted) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ, IMAGE_SCN_ALIGN_1BYTES | 1B9A478DFF6EF55129E82EABEDB1C3EE |
/32 | 0x0064f000 | 97,961 bytes | 98,304 bytes | 7.94 (Packed/Encrypted) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ, IMAGE_SCN_ALIGN_1BYTES | 6AA01EF278C3CDFE83EEF896CF63A1F6 |
/46 | 0x00667000 | 48 bytes | 512 bytes | 0.86 (Normal) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ, IMAGE_SCN_ALIGN_1BYTES | 40CCA7C46FC713B4F088E5D440CA7931 |
/65 | 0x00668000 | 849,504 bytes | 849,920 bytes | 8.00 (Packed/Encrypted) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ, IMAGE_SCN_ALIGN_1BYTES | 90D668BD2D04AD0774A0786DFC39F2C5 |
/78 | 0x00738000 | 614,270 bytes | 614,400 bytes | 8.00 (Packed/Encrypted) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ, IMAGE_SCN_ALIGN_1BYTES | 27C1EDCFFB342B85C997E36F7E8414EC |
/90 | 0x007ce000 | 190,705 bytes | 190,976 bytes | 7.82 (Packed/Encrypted) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ, IMAGE_SCN_ALIGN_1BYTES | A7DE241FEAD6E942EB021BA958DCE085 |
.idata | 0x007fd000 | 1,342 bytes | 1,536 bytes | 4.01 (Normal) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | D17A7552F7B8C94C92741A11E2AEE36A |
.reloc | 0x007fe000 | 50,548 bytes | 50,688 bytes | 5.44 (Normal) | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ | 406813978407417C141181239B5F098B |
.symtab | 0x0080b000 | 412,302 bytes | 412,672 bytes | 5.34 (Normal) | IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ | 8B5DDA459110558F050BA16409F0AF0D |
5 section(s) with high entropy (≥7.5) detected - possible packing/encryption
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft has the capability to identify and eliminate Trojan.Win64.Agent.sa without requiring further user intervention.