Gridinsoft Logo
File Icon

The MACRO COSZ - 2025.exe (Point Blank) File Analysis

Updated 2 months ago
Checked by Malaware Check
MACRO COSZ - 2025.exe

Technical Analysis

File Name MACRO COSZ - 2025.exe
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.211.174
Database Version 2025-03-19 03:00:38 UTC
โœ“

Clean File

No threats detected by our scanner

0%
Detection Rate
1,329,352
File Size (bytes)
2025-03-19
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
812d7bcac56a1fe0bb4aaed9c7ae171a
SHA1
8d81d403433ccfd324a8237c045a41d71dfe74de
SHA256
a7e9f229d2afc0cd5c965b8ae06f5ce7f801b01ceb61cfd6d9fb1033012730d9
SHA512
4c09f73f0e7d15143961352aace1743fdcd9714c13c16d70205a4033589ce75dc6bde9979a9db412a7fba296d9f8c656bf5cd1cadc41208e0b695a0798b2bfdd
ImpHash
8ebf8cdff0edfb71b612fb21cbde3410

PE Analysis

Basic Information

โ–ผ
Icon
Hash: bf0611d246164aaca4ef359bc909b0fe
Fuzzy: 5424b99554b898cd02b6ee10c254585e
dHash: b0c6d262b22a96c2
Image Base 0x140000000
Entry Point 0x1400cdb30
Compilation Time 2024-03-16 06:03:05
Checksum 0x0014b163 (Actual: 0x0014914d)
OS Version 5.2
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
Digital Signature The expected hash does not match the digest in SpcInfo
Imports 14 libraries
Exports 0 functions
Resources 28 Resources
Sections 7 Sections

Version Information

โ–ผ
CompanyName Zepetto Co.
FileDescription Point Blank
FileVersion iเข ,InternalName
InternalName PBApp
LegalCopyright Zepetto Co. All rights reserved.
OriginalFilename PointBlank.exe
ProductName Point Blank
ProductVersion 3.105.2208.5
Translation 0x0412 0x04b0

PE Sections

โ–ผ
Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 910,310 bytes 910,336 bytes 6.55 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 1B1D6DD14717B7A4A86BC608450D2229
.rdata 0x000e0000 201,470 bytes 201,728 bytes 4.97 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 09069CFE30350895756A1046AE0BD101
.data 0x00112000 50,104 bytes 20,480 bytes 3.31 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 969162FA5A35D1AF3366239C5D31D147
.pdata 0x0011f000 31,320 bytes 31,744 bytes 5.99 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ EE1089D1B53300DA83162D138F4A39CC
text 0x00127000 9,613 bytes 9,728 bytes 5.77 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE 6CAE918481287A7FF0AAEF42FC0B95EE
data 0x0012a000 28,352 bytes 28,672 bytes 6.46 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 8F4275B626558A8640120F611553E570
.rsrc 0x00131000 115,140 bytes 115,200 bytes 5.64 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ E842FDFE51A4F61A6728EBCD132573CA
Entropy Analysis Alert

1 section(s) with elevated entropy (โ‰ฅ6.5) - possible compression

Resource Analysis

โ–ผ
Total Resources: 28 (113,545 bytes)
Resource Type Count Total Size Percentage
RT_ICON 17 106,632 bytes
93.9%
RT_MENU 1 712 bytes
0.6%
RT_DIALOG 1 232 bytes
0.2%
RT_ACCELERATOR 1 72 bytes
0.1%
RT_RCDATA 1 3,609 bytes
3.2%
RT_GROUP_ICON 5 268 bytes
0.2%
RT_VERSION 1 752 bytes
0.7%
RT_MANIFEST 1 1,268 bytes
1.1%

Certificate Chain Analysis

โ–ผ
Certificate Information
Product Point Blank
Description Point Blank
File Version iเข ,InternalName
Original Name PointBlank.exe
Signing Date 01:17 AM 11/25/2022 (924 days ago)
Verification Status The digital signature of the object did not verify.
Signers Zepetto Co.; Sectigo Public Code Signing CA R36; Sectigo Public Code Signing Root R46; Sectigo (AAA)
Counter Signers Sectigo RSA Time Stamping Signer #3; Sectigo RSA Time Stamping CA; Sectigo
Internal Name PBApp
Copyright Zepetto Co. All rights reserved.
Certificate Chain Summary
Sectigo Public Code Signing Root R46 #1 Primary
Validity Period: 2021-05-25 00:00:00 โ†’ 2028-12-31 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 48 FC 93 B4 60 55 94 8D 36 A7 C9 8A 89 D6 94 16
Sectigo Public Code Signing CA R36 #2 Chain
Validity Period: 2021-03-22 00:00:00 โ†’ 2036-03-21 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 62 1D 6D 0C 52 01 9E 3B 90 79 15 20 89 21 1C 0A
Zepetto Co. #3 Chain
Validity Period: 2022-05-04 00:00:00 โ†’ 2023-05-31 23:59:59
Signature Algorithm: sha384RSA
Serial Number: BC 82 E5 A5 A2 D1 CE 0B 1D 14 59 A5 73 84 48 3D
Sectigo RSA Time Stamping Signer #3 #4 Chain
Validity Period: 2022-05-11 00:00:00 โ†’ 2033-08-10 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 90 39 7F 9A D2 4A 3A 13 F2 BD 91 5F 08 38 A9 43
Sectigo RSA Time Stamping CA #5 Chain
Validity Period: 2019-05-02 00:00:00 โ†’ 2038-01-18 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 30 0F 6F AC DD 66 98 74 7C A9 46 36 A7 78 2D B9

โœ“ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

The expected hash does not match the digest in SpcInfo

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware