Gridinsoft Logo
File Icon

The AV_AIO.exe File Analysis

Updated 2 months ago
Checked by Malware Check
AV_AIO.exe

Technical Analysis

File Name AV_AIO.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64, for MS Windows
SSDEEP Hash
49152:1ylb8xUwQl0jT/H3PNkomMsuKJHoKOK/3s7Z5Xvj:W0f3PNeXJZO+3s7fXvj
Scanner Version 1.0.228.174
Database Version 2025-11-05 10:00:24 UTC

Suspicious File Detected

Detected by 23 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
32%
Detection Rate
2,594,304
File Size (bytes)
23/72
Engines Detected
2025-11-05
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
d44f18d3882216cdd30cdc4ca4871277
SHA1
5c69564a7592330b2564c422b4f13d5e7cc42eaf
SHA256
98c715ce956f6c2eb053f298c0a76e9d7cce5325d33f808eec66e9c279999d35
SHA512
084eadda1af764eb96d6a5d6e5b0e42aad5daa43eb7f92f5a90c39f533a8f92f537e4235c8b2c22310f370b55cffcf67433eea0746e35e8148bec2d1c69b10c9
ImpHash
aee5b2e0c24b7569daaeaadf02db8600

Security Engines with Detections (23 of 72)

Lionic
Trojan.Win32.Generic.4!c Malicious
CTX
exe.trojan.generic Malicious
Skyhigh
BehavesLike.Win64.PUP.vc Malicious
Cylance
Unsafe Malicious
Sangfor
Trojan.Win32.Agent.Vy9o Malicious
CrowdStrike
win/malicious_confidence_100% (W) Malicious
Symantec
ML.Attribute.HighConfidence Malicious
Elastic
malicious (high confidence) Malicious
Zoner
Probably Heur.ExeHeaderL Malicious
Paloalto
generic.ml Malicious
NANO-Antivirus
Virus.Win64.Gen.ccng Malicious
McAfeeD
ti!98C715CE956F Malicious
SentinelOne
Static AI - Suspicious PE Malicious
Webroot
Win.Malware.Gen Malicious
AhnLab-V3
Trojan/Win.Generic.C5789280 Malicious
DeepInstinct
MALICIOUS Malicious
Malwarebytes
Neshta.Virus.FileInfector.DDS Malicious
APEX
Malicious Malicious
TrellixENS
Artemis!D44F18D38822 Malicious
MaxSecure
Trojan.Malware.509475721.susgen Malicious
Fortinet
W32/PossibleThreat Malicious
AVG
FileRepMalware [Misc] Malicious
Avast
FileRepMalware [Misc] Malicious
49 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 551f30a6bc926085a2675d13a32878b4
Fuzzy: 0d99b0d4ee895394170f88abd894e9fe
dHash: 161e2217312b2b1f
Image Base 0x140000000
Entry Point 0x14017d580
Compilation Time 2024-07-06 08:24:07
Checksum 0x00000000 (Actual: 0x0027e78e)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 16 libraries
Exports 0 functions
Resources 38 Resources
Sections 6 Sections

Version Information

FileVersion 2.0.18
ProductVersion 2.0.18
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 929,094 bytes 929,280 bytes 6.53 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 0A02EB188DF49E0D391C87B657D7B90A
.rdata 0x000e4000 246,254 bytes 246,272 bytes 5.12 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7600EFC08B037B6B12A09BFD8D69888D
.data 0x00121000 53,596 bytes 34,816 bytes 3.23 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 2EFCA8AC51CDCD6D29054AE6AAF00B27
.pdata 0x0012f000 32,748 bytes 32,768 bytes 6.02 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3EDDADE8C5D8F3D585A0011D8FB90B7A
_RDATA 0x00137000 500 bytes 512 bytes 4.24 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 744003201C0E4057D9AA0E0D4B2603E8
.rsrc 0x00138000 1,349,140 bytes 1,349,632 bytes 7.32 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE A0F6FBCE8A7C3F0E893643F24060F222
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 38 (1,346,740 bytes)
Resource Type Count Total Size Percentage
RT_ICON 20 279,697 bytes
20.8%
RT_MENU 1 712 bytes
0.1%
RT_DIALOG 2 622 bytes
0%
RT_ACCELERATOR 1 72 bytes
0%
RT_RCDATA 4 1,051,825 bytes
78.1%
RT_GROUP_ICON 5 310 bytes
0%
RT_VERSION 1 320 bytes
0%
RT_HTML 3 11,890 bytes
0.9%
RT_MANIFEST 1 1,292 bytes
0.1%

Certificate Chain Analysis

Certificate Information
File Version 2.0.18
Certificate Chain Summary
Microsoft Corporation #1 Primary
Validity Period: 2024-08-22 19:26:44 → 2025-08-20 19:26:44
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 03 FE 6B CE DA D6 C8 03 03 A3 00 00 00 00 03 FE
Microsoft Code Signing PCA 2011 #2 Chain
Validity Period: 2011-07-08 20:59:09 → 2026-07-08 21:09:09
Signature Algorithm: sha256RSA
Serial Number: 61 0E 90 D2 00 00 00 00 00 03
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2024-07-25 18:31:21 → 2025-10-22 18:31:21
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 02 00 0B D7 AA 7F 1B 2A 17 56 00 01 00 00 02 00
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15
Microsoft Time-Stamp Service #5 Chain
Validity Period: 2023-12-06 18:45:41 → 2025-03-05 18:45:41
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 ED E1 5F CB D5 F7 A5 5D 73 00 01 00 00 01 ED

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
23 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware