| File Name | launcher.exe |
| File Type |
PE32+ executable (console) x86-64, for MS Windows
|
| Scanner Version | 1.0.216.174 |
| Database Version | 2025-05-16 02:00:24 UTC |
Malware family: Heuristic
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
17f5c73c78064cfbbd17516cf89ad7ee
|
|
| SHA1 |
72cd9dadce5e5d35ba06ceec425a237f85a7e276
|
|
| SHA256 |
92a4ea6ebc752eccd5c7afbcd1ba176a24795ab93cc800c6a013a48a8174b4e9
|
|
| SHA512 |
8f4e8bc16babefb8ec599a91f996d0a4089b1d466cdd7440171e0759907852df6038451b04506f4afabdd8bdf21f00d320f556bef4f294b3a4f3af41e7180903
|
|
| ImpHash |
5331016eb8f43aa420cbb468154138ed
|
| Icon |
Hash: 1e781df5791bafffbbc09282d936cce3
Fuzzy: b55fcad2ed87b93df2ecc71a5e805980 dHash: 87135bc9c9b9b316 |
| Image Base | 0x140000000 |
| Entry Point | 0x1440ed727 |
| Compilation Time | 2025-05-07 15:46:30 |
| Checksum | 0x00000000 (Actual: 0x046129dc) |
| OS Version | 6.0 |
| PEiD Signatures |
PE32+ executable (console) x86-64, for MS Windows
|
| Digital Signature | No valid SignedData structure was found. |
| Imports | 14 libraries |
| Exports | 0 functions |
| Resources | 3 Resources |
| Sections | 8 Sections |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
143,839 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
D41D8CD98F00B204E9800998ECF8427E |
.rdata |
0x00025000 |
41,972 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D41D8CD98F00B204E9800998ECF8427E |
.data |
0x00030000 |
4,616 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.pdata |
0x00032000 |
7,560 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D41D8CD98F00B204E9800998ECF8427E |
.shika0 |
0x00034000 |
63,384,353 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
D41D8CD98F00B204E9800998ECF8427E |
.shika1 |
0x03ca7000 |
272 bytes | 512 bytes | 1.02 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
BE5BE3EE1386B9796C6C3F7404444496 |
.shika2 |
0x03ca8000 |
73,367,232 bytes | 73,367,552 bytes | 7.94 (Packed/Encrypted) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_NOT_PAGED|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
C5CE19B1492B5866D3A4A93CA38C2A24 |
.rsrc |
0x082a0000 |
68,272 bytes | 68,608 bytes | 6.42 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
E0B8056AD342E553E1BA927BAC1BD823 |
1 section(s) with high entropy (≥7.5) detected - possible packing/encryption
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_ICON | 1 | 67,624 bytes | |
| RT_GROUP_ICON | 1 | 20 bytes | |
| RT_MANIFEST | 1 | 392 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft has the capability to identify and eliminate Trojan.Heur!.022120A3 without requiring further user intervention.
Download Anti-MalwareFollow these steps to completely remove the threat from your system
