The Remouse.Micro.Micro.v3.5.3.serial.maker.by.aaocg.exe File Analysis

Updated 2 days ago

Checked by Malaware Check

Remouse.Micro.Micro.v3.5.3.serial.maker.by.aaocg.exe

Technical Analysis

File Name	Remouse.Micro.Micro.v3.5.3.serial.maker.by.aaocg.exe
File Type	Win32 EXE
Magic Bytes	`PE32 executable (GUI) Intel 80386, for MS Windows`
SSDEEP Hash	196608:xQc+2jD8ZyCMeiA24G4jLonzU04DjmLy8OVKLlVT7H39:2c+cD4DMvA24PLMzU0+mLyJVKfX9
Scanner Version	1.0.217.174
Database Version	2025-05-30 01:00:17 UTC

⚠

Suspicious File Detected

Detected by 7 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

10%

Detection Rate

9,983,292

File Size (bytes)

7/70

Engines Detected

2025-05-30

Analysis Date

Scan Another File

File Identification

Hash Type	Value	Action
MD5	edcc1a529ea8d2c51592d412d23c057e
SHA1	1d62d278fe69be7e3dde9ae96cc7e6a0fa960331
SHA256	970645912c0c0b6eb857236e6bcbfcafcb0eaf0f19d2b278c5b180ee31bb8a5d
SHA512	c8d9fc14c74c87284ed92d7879e5968129572b8fc4e921f48a14b82b98f26737f89daa87213cd9068fa53a8ef84b8e07f1ce053f06790d417ff8dc621b346cab
ImpHash	fcf1390e9ce472c7270447fc5c61a0c1

Security Engines with Detections (7 of 70)

Bkav

W32.AIDetectMalware Malicious

CrowdStrike

win/grayware_confidence_100% (W) Malicious

Paloalto

generic.ml Malicious

NANO-Antivirus

Trojan.Win32.Inject.iioxzq Malicious

Ikarus

Trojan.Rasftuby Malicious

Cynet

Malicious (score: 100) Malicious

DeepInstinct

MALICIOUS Malicious

63 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

▼

Icon	Hash: 8d9da329386d64d6b86a12bd2f986399 Fuzzy: 9043363bfee17e0d508057b9ae7189e9 dHash: 84b4b4d4c4ccccc0
Image Base	`0x00400000`
Entry Point	`0x0041e1f9`
Compilation Time	2020-03-26 10:02:47
Checksum	0x00000000 (Actual: 0x0098cbb7)
OS Version	5.1
PEiD Signatures	`PE32 executable (GUI) Intel 80386, for MS Windows`
PDB Path	`D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb`
Digital Signature	No valid SignedData structure was found.
Imports	2 libraries KERNEL32, gdiplus
Exports	0 functions
Resources	27 Resources
Sections	6 Sections

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	198,017 bytes	198,144 bytes	6.70 (Compressed)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`792BD7DF6720CDE2CFC6C5BD271DB719`
`.rdata`	`0x00032000`	41,778 bytes	41,984 bytes	5.24 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`756853FE875B73413C865E8DCC712E3B`
`.data`	`0x0003d000`	145,584 bytes	4,608 bytes	3.84 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`E6B2C60A8DAD3761B8C0633F9C11BDB1`
`.gfids`	`0x00061000`	232 bytes	512 bytes	2.12 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`4F044A92903811F759276FF33AEEBDFD`
`.rsrc`	`0x00062000`	57,296 bytes	57,344 bytes	6.64 (Compressed)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`8E29476AB61853F6591B2CD8A3D727BF`
`.reloc`	`0x00070000`	8,460 bytes	8,704 bytes	6.61 (Compressed)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ`	`ACFAD3BCF1B5D0D2D873CFF715EAC82F`

Entropy Analysis Alert

3 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

▼

Total Resources: 27 (55,604 bytes)

Resource Type	Count	Total Size	Percentage
PNG	2	8,430 bytes	15.2%
RT_ICON	7	38,113 bytes	68.5%
RT_DIALOG	6	2,916 bytes	5.2%
RT_STRING	10	4,166 bytes	7.5%
RT_GROUP_ICON	1	104 bytes	0.2%
RT_MANIFEST	1	1,875 bytes	3.4%

Certificate Chain Analysis

▼

No Digital Signatures

This file is not digitally signed.

Security Implications:

Cannot verify the publisher's identity
Increased security risk when running this file
May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection

7 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for

5 4 3 2 1