| File Name | n2n.exe |
| File Type |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| Scanner Version | 1.0.219.174 |
| Database Version | 2025-06-25 18:00:16 UTC |
Malware family: Heuristic
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
8d3c8be135469f77a1590412c54581eb
|
|
| SHA1 |
dc244a93854d0b6338ed47201197b950b7de56b6
|
|
| SHA256 |
a47088fe9a65e735e6167f019bf742dd603710917de11e17f34625a2722fc8ec
|
|
| SHA512 |
54632fda746d7d325a4e39d0060c18f77558ff1bf8619a7b8f2a10456ddf1debf8f6bab560b70d68d58dfb0ed2dea4b732050d8f91b21bbb2882c0740780bc5f
|
|
| ImpHash |
0b8baa0cc756e71c1baacd159d98fcb3
|
| Icon |
Hash: 457443362dd590bfb704d160b705a2f4
Fuzzy: cad4c4ad5e7cd0d9c0e636e86364005a dHash: 60f2f0e3e2dae470 |
| Image Base | 0x00400000 |
| Entry Point | 0x00c740b0 |
| Compilation Time | 2023-01-16 14:22:58 |
| Checksum | 0x0048f291 (Actual: 0x0048f291) |
| OS Version | 4.0 |
| PEiD Signatures |
PE32 executable (GUI) Intel 80386, for MS Windows
|
| Digital Signature | No valid SignedData structure was found. |
| Imports | 18 libraries |
| Exports | 0 functions |
| Resources | 12 Resources |
| Sections | 8 Sections |
| FileVersion | 3.1.0.0 |
| FileDescription | EasyN2N |
| ProductName | EasyN2N |
| ProductVersion | 3.1.0.0 |
| CompanyName | Bug侠 |
| LegalCopyright | Bug侠 版权所有 |
| Comments | EasyN2N是一款轻量型VPN工具,可以很方便的组建虚拟局域网 |
| Translation | 0x0804 0x04b0 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
|
0x00001000 |
1,390,295 bytes | 796,369 bytes | 7.97 (Packed/Encrypted) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
CA99B9831107614A07C343810E090510 |
|
0x00155000 |
1,585,708 bytes | 754,635 bytes | 7.97 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
6BBB19E6133F4541B11667F5502EB438 |
|
0x002d9000 |
663,755 bytes | 48,611 bytes | 7.96 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
75E9529598BB512665B77C88E9C35ECA |
|
0x0037c000 |
465,244 bytes | 41,868 bytes | 7.97 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
15C0632609BF25B71698633CD5B95109 |
.imports |
0x003ee000 |
4,096 bytes | 4,096 bytes | 1.36 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
2079946E1920DC25EB241EA236B09ED3 |
.rsrc |
0x003ef000 |
438,272 bytes | 438,272 bytes | 2.47 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
4A538267BE75B30F05847350EBD4F9B0 |
.themida |
0x0045a000 |
4,300,800 bytes | 0 bytes | 0.00 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
D41D8CD98F00B204E9800998ECF8427E |
.boot |
0x00874000 |
2,637,824 bytes | 2,635,395 bytes | 7.95 (Packed/Encrypted) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
B303518F99A5231E5B21554D16DEAF5B |
5 section(s) with high entropy (≥7.5) detected - possible packing/encryption
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_ICON | 9 | 432,104 bytes | |
| RT_GROUP_ICON | 1 | 132 bytes | |
| RT_VERSION | 1 | 616 bytes | |
| RT_MANIFEST | 1 | 697 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft has the capability to identify and eliminate Trojan.Heur!.03210421 without requiring further user intervention.
Download Anti-MalwareFollow these steps to completely remove the threat from your system
