Gridinsoft Logo

The steamclient_loader_x32.exe (GSE) File Analysis

Updated 3 months ago
Checked by Malware Check
steamclient_loader_x32.exe

Technical Analysis

File Name steamclient_loader_x32.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
6144:81OIj/a74AKDbZ2eFQC3ADVOiMpv3csUIS3Q:815+2h2cQAAD3lIt
Scanner Version 1.0.226.174
Database Version 2025-09-28 17:00:25 UTC

Suspicious File Detected

Detected by 37 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
51%
Detection Rate
279,464
File Size (bytes)
37/72
Engines Detected
2025-09-28
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
b9730f4018b92aff0343bffda3bc80e9
SHA1
77266937dcce254a98091a6b5a527f80bbb20885
SHA256
92cb93be02c16de312dd73dc1cec5b37e8ffeb4c3e131c2e125c596ab21587a6
SHA512
f7542ce136b8780b257e4ec5ecd55248c58e6c500263cf00bdf454ee147b053f6124a092ffcd79bbeadb8e0bad23e51c740e677b2c0b3ecd1a5c0fb0cccc5f9a
ImpHash
6f93b94da842f0326107e4d0e36477b6

Security Engines with Detections (37 of 72)

Lionic
Trojan.Win32.Generic.4!c Malicious
Elastic
malicious (high confidence) Malicious
Skyhigh
Artemis!Trojan Malicious
ALYac
Gen:Trojan.Heur.TP.ry1@bqpGlRmi Malicious
Cylance
Unsafe Malicious
Sangfor
Trojan.Win32.Agent.Vrhi Malicious
CrowdStrike
win/malicious_confidence_70% (D) Malicious
K7GW
Riskware ( 00584baa1 ) Malicious
K7AntiVirus
Riskware ( 00584baa1 ) Malicious
Symantec
ML.Attribute.HighConfidence Malicious
Paloalto
generic.ml Malicious
BitDefender
Gen:Trojan.Heur.TP.ry1@bqpGlRmi Malicious
MicroWorld-eScan
Gen:Trojan.Heur.TP.ry1@bqpGlRmi Malicious
Avast
Win32:Malware-gen Malicious
Emsisoft
Gen:Trojan.Heur.TP.ry1@bqpGlRmi (B) Malicious
VIPRE
Gen:Trojan.Heur.TP.ry1@bqpGlRmi Malicious
TrendMicro
TROJ_FRS.VSNTHD25 Malicious
McAfeeD
ti!92CB93BE02C1 Malicious
Trapmine
malicious.moderate.ml.score Malicious
CTX
exe.trojan.generic Malicious
GData
Gen:Trojan.Heur.TP.ry1@bqpGlRmi Malicious
Jiangmin
Trojan.Heur.dzv Malicious
Webroot
W32.Malware.Gen Malicious
Varist
W32/ABApplication.KYTG-3949 Malicious
Antiy-AVL
Trojan/Win32.Agent Malicious
Arcabit
Trojan.Heur.TP.E2F7D3 Malicious
Microsoft
Trojan:Win32/Wacatac.B!ml Malicious
Google
Detected Malicious
AhnLab-V3
Malware/Win.Generic.R699116 Malicious
Malwarebytes
Malware.AI.356097016 Malicious
Panda
Trj/Chgt.AD Malicious
TrendMicro-HouseCall
TROJ_FRS.VSNTHD25 Malicious
TrellixENS
Artemis!B9730F4018B9 Malicious
MaxSecure
Trojan.Malware.7164915.susgen Malicious
Fortinet
W32/PossibleThreat Malicious
AVG
Win32:Malware-gen Malicious
DeepInstinct
MALICIOUS Malicious
35 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x00400000
Entry Point 0x00416f08
Compilation Time 2025-03-27 14:49:24
Checksum 0x00053fc7 (Actual: 0x00053fc7)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature Chain verification from C=UK, O=GSE, OU=GSE, CN=GSE (serial:301753754594751911242442752779208375739858044784, sha1:d26703869c32d5b769b04463ab0bf01b2a4db11b) failed: The X.509 certificate provided is self-signed - "Common Name: GSE, Organizational Unit: GSE, Organization: GSE, Country: UK"
Imports 3 libraries
USER32, KERNEL32, ADVAPI32
Exports 0 functions
Resources 4 Resources
Sections 6 Sections

Version Information

LegalCopyright Copyright (C) 2021 GSE
InternalName GSE (win32)
FileVersion 08.56.38.63
CompanyName GSE
ProductVersion 01.00.00.02
FileDescription GSE
Source Control ID 8563863
OriginalFilename steam.exe
ProductName GSE
Translation 0x0409 0x04b0
CompanyName GSE
FileDescription GSE
FileVersion 1, 0, 0, 2
InternalName GSE
LegalCopyright Copyright (C) 2021 GSE
OriginalFilename steam.exe
ProductName GSE
ProductVersion 1, 0, 0, 2
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 192,541 bytes 193,024 bytes 6.56 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 33B72F3E5BA696A273FA456E189F1E05
.rdata 0x00031000 62,678 bytes 62,976 bytes 5.12 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 711860F0296AF63F782A533DDB12F72D
.data 0x00041000 173,296 bytes 5,632 bytes 3.28 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5C9E81CC23FFB869407F1D510CDA3B07
.fptable 0x0006c000 128 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x0006d000 2,072 bytes 2,560 bytes 3.40 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A0C74256C592FE0A02DFA73787D848E1
.reloc 0x0006e000 10,868 bytes 11,264 bytes 6.55 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 36BCAF6390E6BC5CC3F2B8377D215ABD
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 4 (1,760 bytes)
Resource Type Count Total Size Percentage
SCID 1 7 bytes
0.4%
RT_VERSION 2 1,372 bytes
78%
RT_MANIFEST 1 381 bytes
21.6%

Certificate Chain Analysis

Certificate Information
Product GSE
Description GSE
File Version 08.56.38.63
Original Name steam.exe
Verification Status A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signers GSE
Internal Name GSE (win32)
Copyright Copyright (C) 2021 GSE
Certificate Chain Summary
GSE #1 Primary
Validity Period: 2025-03-27 14:49:25 → 2040-05-12 14:49:25
Signature Algorithm: sha256RSA
Serial Number: 34 DB 1B 38 A9 F3 04 30 BC 32 C8 87 97 28 15 78 FF 58 47 70

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

Chain verification from C=UK, O=GSE, OU=GSE, CN=GSE (serial:301753754594751911242442752779208375739858044784, sha1:d26703869c32d5b769b04463ab0bf01b2a4db11b) failed: The X.509 certificate provided is self-signed - "Common Name: GSE, Organizational Unit: GSE, Organization: GSE, Country: UK"

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
37 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware