CondemnedHeroes.exe Malware Generic Analysis

Technical Analysis

File Name CondemnedHeroes.exe
File Type PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.227.174
Database Version 2025-10-11 17:00:15 UTC

Malware.Win32.Generic.cld

Malware family: Generic

This detection name identifies suspicious files displaying Trojan-like behavior patterns. It represents malware that masquerades as benign programs while executing unauthorized activities on the infected system.
Detection Rate N/A
File Size (bytes) 7,372,800
Analysis Date 2025-10-11

File Identification

Hash Type Value
MD5
6ab2e04614ce6ea28a7d7dba484c8647
SHA1
7f13ba81daf050ce432be6b8fa407b44ec06d83c
SHA256
9be06c13d8dccc69e73ba42f6756e0f655972563205382f43b12619148332dc6
SHA512
2483c4c851ef677103524cacc8e8cbfa9c77a9605a5449990734f246e269449b62ce46ebb983a79a3853b65b5bee86b09e8f35cb5f63aebb5f3081960361e011
ImpHash
d7180c91d696ac742961a4ec528a0007

PE Analysis

Basic Information

Icon
Hash: 53fac5abf4a0c7f27183b44aee1536c2
Fuzzy: 177ea45be430bd045fccb86f1f9153e2
dHash: 2b0c1f59330e3333
Image Base 0x00400000
Entry Point 0x00de72ee
Compilation Time 2012-06-18 07:35:56
Checksum 0x00000000 (Actual: 0x00709a29)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 14 libraries
Exports 0 functions
Resources 13 Resources
Sections 8 Sections

Version Information

CompanyName "Best Way" Corp
FileDescription Main executable
FileVersion 1.00
InternalName Outfront 2 A2
LegalCopyright Copyright © 1999-2008
OriginalFilename mow.exe
ProductName Men of War
ProductVersion 1.00
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 5,786,834 bytes 5,787,648 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ F327E62520B1E4EF8B682BA9C4713444
.rdata 0x00586000 592,792 bytes 593,920 bytes 5.62 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 1A6276077B1136CE73F3B8964C0863E6
.data 0x00617000 3,529,148 bytes 143,360 bytes 5.16 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 460EAA6D3BE99DB37E3918B727AB7915
.gem 0x00975000 1,648 bytes 4,096 bytes 2.39 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ DDC650831171E9B3618A3884FEC39BB8
.tls 0x00976000 25,249 bytes 28,672 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE CF845A781C107EC1346E849C9DD1B7E8
.rsrc 0x0097d000 65,968 bytes 69,632 bytes 3.97 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 50D37484654B9C5390342A76379C3B00
.reloc 0x0098e000 361,536 bytes 364,544 bytes 6.21 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 98A05B9E3E2CB54FBAB64F8DCB952429
.bind 0x009e7000 376,832 bytes 376,832 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 75D9AA9EEEB2EA751B8A61C74614546B
Entropy Analysis Alert

2 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 13 (65,212 bytes)
Resource Type Count Total Size Percentage
RT_ICON 8 63,936 bytes 98%
RT_DIALOG 2 452 bytes 0.7%
RT_GROUP_ICON 2 124 bytes 0.2%
RT_VERSION 1 700 bytes 1.1%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Malware.Win32.Generic.cld Removal

Gridinsoft has the capability to identify and eliminate Malware.Win32.Generic.cld without requiring further user intervention.

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.
