The uagta 1 9 6 exe (Онлайн гра про Україну) UKRAINEGTA File Malware Analysis

Hash Type	Value	Action
MD5	2f9691d9a3db0bc5658a2276277717c6
SHA1	9d59b51b4a92745ada744baa545b33fd1ea4a085
SHA256	a8764e5ab4a270a766f0525645653f8ac46a7f8e11fb0796a4c26898f2023095
SHA512	305096ce8af5af2425fe1414f62872acbee73f32748251309995853f3211de6078fa6a63b965baace9d5e63a9a866b0904da3fb06a3d854bbb1960631830cb2d
ImpHash	e569e6f445d32ba23766ad67d1e3787f

PE Analysis

Basic Information

▼

Icon	Hash: 66904cbf705445386eac44389068c174 Fuzzy: a608d4fcd841bd0a38c5b193e7a54191 dHash: 620f70b679698281
Image Base	`0x00400000`
Entry Point	`0x004b5eec`
Compilation Time	2022-04-14 16:10:23
Checksum	0x009992a8 (Actual: 0x009992a8)
OS Version	6.1
PEiD Signatures	`PE32 executable (GUI) Intel 80386, for MS Windows`
Digital Signature	OK
Imports	7 libraries kernel32, comctl32, version, user32, oleaut32, netapi32, advapi32
Exports	3 functions
Resources	18 Resources
Sections	10 Sections

Version Information

▼

Comments	This installation was built with Inno Setup.
CompanyName	UKRAINEGTA
FileDescription	Онлайн гра про Україну
FileVersion	2.1.1.1
LegalCopyright	CDPRO.SPACE
OriginalFileName
ProductName	LAUNCHER
ProductVersion	2.1.1.1
Translation	0x0000 0x04b0

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	735,716 bytes	735,744 bytes	6.36 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`43AF0A9476CA224D8E8461F1E22C94DA`
`.itext`	`0x000b5000`	5,768 bytes	6,144 bytes	5.97 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`185E04B9A1F554E31F7F848515DC890C`
`.data`	`0x000b7000`	14,244 bytes	14,336 bytes	5.05 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`CAB2107C933B696AA5CF0CC6C3FD3980`
`.bss`	`0x000bb000`	28,136 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D41D8CD98F00B204E9800998ECF8427E`
`.idata`	`0x000c2000`	4,060 bytes	4,096 bytes	5.03 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`E7D1635E2624B124CFDCE6C360AC21CD`
`.didata`	`0x000c3000`	420 bytes	512 bytes	2.75 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`8CED971D8A7705C98B173E255D8C9AA7`
`.edata`	`0x000c4000`	154 bytes	512 bytes	1.88 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`8D4E1E508031AFE235BF121C80FD7D5F`
`.tls`	`0x000c5000`	24 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D41D8CD98F00B204E9800998ECF8427E`
`.rdata`	`0x000c6000`	93 bytes	512 bytes	1.38 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`8F2F090ACD9622C88A6A852E72F94E96`
`.rsrc`	`0x000c7000`	73,248 bytes	73,728 bytes	7.59 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`A49DB9F2B87A5223209166F1E8B3480C`

Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

▼

Total Resources: 18 (72,164 bytes)

Resource Type	Count	Total Size	Percentage
RT_ICON	1	60,031 bytes	83.2%
RT_STRING	11	8,040 bytes	11.1%
RT_RCDATA	3	768 bytes	1.1%
RT_GROUP_ICON	1	20 bytes	0%
RT_VERSION	1	1,412 bytes	2%
RT_MANIFEST	1	1,893 bytes	2.6%

Certificate Chain Analysis

▼

Certificate Information

Product	LAUNCHER
Description	Онлайн гра про Україну
File Version	2.1.1.1
Signing Date	07:18 PM 08/30/2023 (682 days ago)
Verification Status	Signed
Signers	FOP Gustilin Grigoriy Oleksandrovich; GlobalSign GCC R45 CodeSigning CA 2020; GlobalSign Code Signing Root R45; GlobalSign Root CA - R3
Counter Signers	Globalsign TSA for CodeSign1 - R6; GlobalSign Timestamping CA - SHA384 - G4; GlobalSign Root CA - R6
Copyright	CDPRO.SPACE

Certificate Chain Summary

GlobalSign Code Signing Root R45 #1 Primary

Validity Period: 2020-07-28 00:00:00 → 2029-03-18 00:00:00

Signature Algorithm: sha384RSA

Serial Number: 78 03 18 42 45 70 8A 41 CF 6F 01 B8 EE B4 A9 54

GlobalSign GCC R45 CodeSigning CA 2020 #2 Chain

Validity Period: 2020-07-28 00:00:00 → 2030-07-28 00:00:00

Signature Algorithm: sha256RSA

Serial Number: 77 BD 0E 03 A1 B7 08 F8 54 AB 06 72 10 D9 04 47

FOP Gustilin Grigoriy Oleksandrovich #3 Chain

Validity Period: 2023-06-16 14:15:06 → 2024-06-16 14:15:06

Signature Algorithm: sha256RSA

Serial Number: 2D A3 5B 27 D6 19 91 95 0D 2E 05 77

Globalsign TSA for CodeSign1 - R6 #4 Chain

Validity Period: 2022-04-06 07:45:38 → 2033-05-08 07:45:38

Signature Algorithm: sha256RSA

Serial Number: 01 B2 8B D4 CF EE EE 0D BE D0 B3 0D 9B F8 43 6A

GlobalSign Timestamping CA - SHA384 - G4 #5 Chain

Validity Period: 2018-06-20 00:00:00 → 2034-12-10 00:00:00

Signature Algorithm: sha384RSA

Serial Number: 01 EC 1C 92 40 DE FD 2E 40 5D 7C 47 74

GlobalSign #6 Chain

Validity Period: 2014-12-10 00:00:00 → 2034-12-10 00:00:00

Signature Algorithm: sha384RSA

Serial Number: 45 E6 BB 03 83 33 C3 85 65 48 E6 FF 45 51

✓ This file has been digitally signed and the certificate chain has been verified

The signature ensures file integrity and authenticity from the publisher
Timestamping proves when the signature was applied

File Name	uagta_1_9_6.exe
File Type	PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version	1.0.172.174
Database Version	2024-04-21 11:00:24 UTC

The uagta_1_9_6.exe (Онлайн гра про Україну) File Analysis

Technical Analysis

Clean File

Scan Another File

File Identification

PE Analysis

Basic Information

Version Information

PE Sections

Entropy Analysis Alert

Resource Analysis

Certificate Chain Analysis

Certificate Information

Certificate Chain Summary

Certificate Verification Status

Remember: This is Result of Online Virus Scanner

Keep Your System Protected

Leave a Comment

Gridinsoft Anti-Malware