VMware懒人一键去虚拟化工具v1.1.exe Trojan Heuristic Analysis
| Online Virus Checker | v.1.0.172.174 |
| DB Version: | 2024-04-17 15:00:32 |
Trojan.Heur!.02212021
The "Heur" stands for "heuristic," which means we use a set of rules, algorithms, or behavioral analysis to detect potential threats that may not have a specific, known signature. It's a proactive approach to identifying suspicious behavior or code patterns that could indicate the presence of a Trojan or other malware. The file's behavior or characteristics triggered the heuristic analysis as potentially malicious. However, it doesn't necessarily confirm that the file is indeed a Trojan. It could be a false positive, where a legitimate program exhibits behavior that resembles malicious activity.
| File | VMware懒人一键去虚拟化工具v1.1.exe |
| Checked | 2024-04-17 15:21:31 |
| MD5 | acd883974a40548be63339f5efb6e458 |
| SHA1 | 12d88e5c3e357b216ad3ace086779a09ebceb600 |
| SHA256 | a440a1e39f05807bf628a8fc645dc5f11237da3d2ef352a3b256ce7caf9d3f3f |
| SHA512 | d3413a5b07836ee3d417b24a0afb851e98f25c2acfb0c8482494d3bb43c860734bf628bb81db49afe408bcec6efe1b705a9ab70d1bf7e7968d24e942a40c4260 |
| Imphash | 20620da8a463b79365e23c0bb967c88f |
| File Size | 35340288 bytes |
Trojan.Heur!.02212021 Removal
Gridinsoft has the capability to identify and eliminate Trojan.Heur!.02212021 without requiring further user intervention.
- Start by downloading Gridinsoft Anti-Malware to your computer.
- Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
- Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
- Click on the "Standard Scan" button.
- After the scanning process is finished, click on "Clean Now" to remove any detected threats.
- If prompted, restart your system to complete the removal process.
File Version Information
| FileVersion | 1.1.0.0 |
| FileDescription | VM虚拟机工具 |
| ProductName | VMware懒人一键去虚拟化工具 |
| ProductVersion | 1.1.0.0 |
| CompanyName | by:Gao Meinan |
| LegalCopyright | by:Gao Meinan |
| Comments | VMware懒人一键去虚拟化工具v1.1 |
| Translation | 0x0804 0x04b0 |
Portable Executable Info
 |
e5e45caee7d77a4f12202ee54dba5a06 56bffa5ed8af4eb5c177df66102cc494 e0d8fc7c70686aee |
| Image Base: | 0x00400000 |
| Entry Point: | 0x03108510 |
| Compilation: | 2024-02-28 13:37:36 |
| Checksum: | 0x00000000 (Actual: 0x021bccbf) |
| OS Version: | 5.0 |
| PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 7 |
| Imports: | MSVFW32, AVIFIL32, WINMM, WS2_32, RASAPI32, KERNEL32, USER32, GDI32, WINSPOOL, comdlg32, ADVAPI32, SHELL32, ole32, OLEAUT32, COMCTL32, WININET, |
| Exports: | 0 |
| Resources: | 8 |
Sections
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0055590e | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .rdata | 0x00557000 | 0x019f49f4 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .data | 0x01f4c000 | 0x0008a5ea | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .%Gr | 0x01fd7000 | 0x00ce75d7 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .4oq | 0x02cbf000 | 0x00000b34 | 0x00001000 | 1b3578148cc41e93bb7dce31f76166bd | 0.28 |
| .0k@ | 0x02cc0000 | 0x021a2e70 | 0x021a3000 | e6289f61adcad3da74f6944f22601a26 | 7.99 |
| .rsrc | 0x04e63000 | 0x0000e661 | 0x0000f000 | 9c679c296282547eb0451956fe49a7b9 | 7.80 |
