Online Virus Checker | v.1.0.187.174 |
DB Version: | 2024-09-10 09:00:32 |
The "Heur" stands for "heuristic," which means we use a set of rules, algorithms, or behavioral analysis to detect potential threats that may not have a specific, known signature. It's a proactive approach to identifying suspicious behavior or code patterns that could indicate the presence of a Trojan or other malware. The file's behavior or characteristics triggered the heuristic analysis as potentially malicious. However, it doesn't necessarily confirm that the file is indeed a Trojan. It could be a false positive, where a legitimate program exhibits behavior that resembles malicious activity.
File | final draft.exe |
Checked | 2024-09-10 06:22:46 |
MD5 | e109b76ae09467367520d8853280c7cb |
SHA1 | 71e4feaf67f5966934ce1cc967c4e37fc31338fb |
SHA256 | 8c7b9e18916be7f2a5dd34a54ee1ef870b5402ba42ad56b966e065eb92ae4e9e |
SHA512 | c03aa3a4d87f6b9302be161fa082dd1ea3556268988d828468294c7a9dab5781df95da5fa5be54ea0b5880c831e1dbd860cd5812f1b5a4f7b052acb9f45d25bc |
Imphash | fb5b5b4226e8fc7b0715e6d27c8a3538 |
File Size | 50596352 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Heur!.02291021 without requiring further user intervention.
CompanyName | Cast & Crew Production Software, LLC |
FileDescription | Final Draft |
FileVersion | 13.2.0 Build 71 |
InternalName | Final Draft |
LegalCopyright | Copyright © 2020 Cast & Crew Production Software, LLC |
OriginalFilename | Final Draft.exe |
ProductName | Final Draft |
ProductVersion | 13.2.0 Build 71 |
Translation | 0x0409 0x04b0 |
0423d9fa28d3f671e0fe2f30e7839c84 c2a8099717b5b49d739ea319d49d0d60 f0f27b1970a6f070 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x01f88648 |
Compilation: | 2024-08-02 01:47:56 |
Checksum: | 0x03043e80 (Actual: 0x03043e80) |
OS Version: | 6.0 |
PEiD: | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 12 |
Imports: | api-ms-win-core-winrt-string-l1-1-0, api-ms-win-core-winrt-l1-1-0, api-ms-win-core-winrt-error-l1-1-0, WINHTTP, WININET, Secur32, WINMM, WINTRUST, UIAutomationCore, CRYPT32, ADVAPI32, KERNEL32, USER32, GDI32, WINSPOOL, COMDLG32, SHELL32, ole32, OLEAUT32, mfc140u, COMCTL32, SHLWAPI, WS2_32, MSVCP140, mscoree, api-ms-win-shcore-scaling-l1-1-1, DWrite, VCRUNTIME140, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-string-l1-1-0, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-convert-l1-1-0, api-ms-win-crt-time-l1-1-0, api-ms-win-crt-math-l1-1-0, api-ms-win-crt-filesystem-l1-1-0, api-ms-win-crt-locale-l1-1-0, api-ms-win-crt-utility-l1-1-0, api-ms-win-crt-environment-l1-1-0, api-ms-win-crt-conio-l1-1-0, xerces-c_3_1, |
Exports: | 0 |
Resources: | 1416 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00ddbfe7 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.rdata | 0x00ddd000 | 0x00572458 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.data | 0x01350000 | 0x00121a78 | 0x000b4000 | 532c952581e2ed299c8b1e3105c6057e | 6.12 |
.shr | 0x01472000 | 0x00000004 | 0x00000200 | bf619eac0cdf3f68d496ea9344137e8b | 0.00 |
.gfids | 0x01473000 | 0x00000080 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.giats | 0x01474000 | 0x00000004 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.tls | 0x01475000 | 0x00000009 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.dn` | 0x01476000 | 0x00000480 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.XX< | 0x01477000 | 0x0000292c | 0x00002a00 | 804bc455b862908b796f7f6c8a958a67 | 5.81 |
.|I+ | 0x0147a000 | 0x008381c8 | 0x00838200 | 5637f480455fbe2b821b0a89d9617ddf | 7.88 |
.rsrc | 0x01cb3000 | 0x02751600 | 0x02751600 | f62754fcc40b0f95c77740a55df194b4 | 1.78 |
.reloc | 0x04405000 | 0x00000020 | 0x00000200 | 102755be273ce52e5b7e728c9158d7d6 | 0.43 |