| File Name | Deceive.exe |
| File Type |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
| Scanner Version | 1.0.168.174 |
| Database Version | 2024-03-03 04:00:19 UTC |
No threats detected by our scanner
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
8601a9bf03b194b7e70de918c86235e0
|
|
| SHA1 |
ba49b40e83cd833ebf8ab62e47e10fbaec0f7de5
|
|
| SHA256 |
8ae665c9f2ce17156a11d63bf5f3400a832733cbd3686b2e272aeeac50b006df
|
|
| SHA512 |
8850df97bbdfade1534efaa2443fa5c791d5ace2793fce351caf5b559c78d4dfba787886950b750cffe13c88f4e353179e44f05184a10eaf2377cbedb5b6ba91
|
|
| ImpHash |
f34d5f2d4577ed6d9ceec516c1f5a744
|
| Icon |
Hash: dc1d9ce3d89534f2828ca37f56cc47b4
Fuzzy: 07fd45fa1f3a92630af7fa0631863c65 dHash: 0012cda79373fdfb |
| Image Base | 0x00400000 |
| Entry Point | 0x005516fe |
| Compilation Time | 2071-06-03 21:24:00 |
| Checksum | 0x00000000 (Actual: 0x001681a5) |
| OS Version | 4.0 |
| PEiD Signatures |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
| PDB Path | C:\Users\thijs\Documents\Projects\League\Deceive\Deceive\obj\Release\net472\Deceive.pdb |
| Digital Signature | The PE file does not contain a certificate table. |
| Imports |
1 libraries
mscoree |
| Exports | 0 functions |
| Resources | 8 Resources |
| Sections | 3 Sections |
| Translation | 0x0000 0x04b0 |
| CompanyName | Deceive |
| FileDescription | Deceive |
| FileVersion | 1.13.0.0 |
| InternalName | Deceive.exe |
| LegalCopyright | |
| OriginalFilename | Deceive.exe |
| ProductName | Deceive |
| ProductVersion | 1.0.0 |
| Assembly Version | 1.13.0.0 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00002000 |
1,373,956 bytes | 1,374,208 bytes | 7.93 (Packed/Encrypted) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
87AEE630B96A6FBCC783AA664B97C9B6 |
.rsrc |
0x00152000 |
38,956 bytes | 39,424 bytes | 6.55 (Compressed) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
50A56254A691384486BD5D9F8774F297 |
.reloc |
0x0015c000 |
12 bytes | 512 bytes | 0.08 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
20AE3A54B947E112665FE1ABDCDAC269 |
1 section(s) with high entropy (≥7.5) detected - possible packing/encryption
1 section(s) with elevated entropy (≥6.5) - possible compression
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_ICON | 5 | 34,408 bytes | |
| RT_GROUP_ICON | 1 | 76 bytes | |
| RT_VERSION | 1 | 690 bytes | |
| RT_MANIFEST | 1 | 3,279 bytes |
| Product | Deceive |
| Description | Deceive |
| File Version | 1.13.0.0 |
| Original Name | Deceive.exe |
| Internal Name | Deceive.exe |
✓ This file has been digitally signed and the certificate chain has been verified
The PE file does not contain a certificate table.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:
Download Anti-MalwareThis file appears clean, but regular security maintenance is important
