TC games bypass vip.exe Ransomware Skeeyah Analysis

Updated 17 days ago

Checked by Malaware Check

TC games bypass vip.exe

Technical Analysis

File Name	TC games bypass vip.exe
File Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Scanner Version	1.0.216.174
Database Version	2025-05-20 17:00:25 UTC

⚠

Ransom.Win32.Skeeyah.cld

Malware family: Skeeyah

N/A

Detection Rate

85,154,536

File Size (bytes)

2025-05-20

Analysis Date

Scan Another File

File Identification

Hash Type	Value	Action
MD5	c4014f1cdd7c666717b7b885c0ab644d
SHA1	e80d62c77ba65f360c4207c696e71c1e806c203c
SHA256	a258928cd0b0ac59189fd0437dd89a4b1b188c08bc0954bd6df0e421eddfe5a7
SHA512	24d1abb363d25c7b9e5b49d49a207c28046c24aadc1ff8331814dbd828d638655830a6d294baca4d5768d071492f09972bfdabf666c6b52065764c3030a08555
ImpHash	7fa974366048f9c551ef45714595665e

PE Analysis

Basic Information

▼

Icon	Hash: 62ca41dcc66f8d500d2f9a4b3ce89b94 Fuzzy: d36ec041a1dfacf4abbce6a1ed1d2c03 dHash: 32694d45453323e0
Image Base	`0x00400000`
Entry Point	`0x00403121`
Compilation Time	2009-06-18 21:33:23
Checksum	0x0513e733 (Actual: 0x0513e733)
OS Version	4.0
PEiD Signatures	`PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive`
Digital Signature	OK
Imports	8 libraries KERNEL32, USER32, GDI32, SHELL32, ADVAPI32, COMCTL32, ole32, VERSION
Exports	0 functions
Resources	19 Resources
Sections	5 Sections

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	23,096 bytes	23,552 bytes	6.40 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`092E164DAA50385128D3C5B319373035`
`.rdata`	`0x00007000`	4,496 bytes	4,608 bytes	5.18 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`4E7F519777030DD2F0EA0D2092BABED3`
`.data`	`0x00009000`	110,424 bytes	1,024 bytes	4.62 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`F6D93C048BF148A2DAEE8A6B0505E38B`
`.ndata`	`0x00024000`	86,016 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_CNT_UNINITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D41D8CD98F00B204E9800998ECF8427E`
`.rsrc`	`0x00039000`	128,256 bytes	128,512 bytes	4.72 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`F403FABF1FE2C999A1D288BF8C1F3FF5`

Resource Analysis

▼

Total Resources: 19 (127,205 bytes)

Resource Type	Count	Total Size	Percentage
RT_ICON	7	123,672 bytes	97.2%
RT_DIALOG	10	2,896 bytes	2.3%
RT_GROUP_ICON	1	104 bytes	0.1%
RT_MANIFEST	1	533 bytes	0.4%

Certificate Chain Analysis

▼

No Digital Signatures

This file is not digitally signed.

Security Implications:

Cannot verify the publisher's identity
Increased security risk when running this file
May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

OK

Ransom.Win32.Skeeyah.cld Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win32.Skeeyah.cld without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

Start by downloading Gridinsoft Anti-Malware to your computer.
Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
Click on the "Standard Scan" button to begin scanning your computer for threats.
After the scanning process is finished, click on "Clean Now" to remove any detected threats.
If prompted, restart your system to complete the removal process and ensure all threats are eliminated.

Important: Before You Start

Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for

5 4 3 2 1

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now

Gridinsoft Anti-Malware