Keygen.exe Malware GenericMC Analysis

Technical Analysis

File Name Keygen.exe
File Type PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.226.174
Database Version 2025-10-07 17:00:31 UTC

Malware.Win32.GenericMC.cc

Malware family: GenericMC

This generic detection covers files showing Trojan horse indicators. It identifies malware that appears legitimate but contains hidden malicious functionality designed to compromise system integrity or user data.
Detection Rate N/A
File Size (bytes) 1,724,928
Analysis Date 2025-10-07

File Identification

Hash Type Value
MD5 3976d41ea6085f735c46e28542f120eb
SHA1 3972e1dad3528c9374a0276c18d9ed76ccc1577d
SHA256 ad5689ba1fcb9a46b094c1af80e62a9dd615151cb99c39be98e579064b5519bc
SHA512 bb1c78f2438309e536e829da2def0c0ca76b9bac558eff2d90cda20bdabca86b73d90c09052c1a34c1954486234811709e8d5a8855836b08dd1b070af77f7c5d
ImpHash b9070d905d2688a09bf23e1317ffdc6e

PE Analysis

Basic Information

Icon
Hash: d3c11c680283f611f59ecfd6b497dcf2
Fuzzy: bb97dff9e5367575a91e2814418c5dac
dHash: e8d4b29a9292dce8
Image Base 0x00400000
Entry Point 0x004f4ce8
Compilation Time 2011-06-12 16:14:03
Checksum 0x00000000 (Actual: 0x001aacd5)
OS Version 5.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 11 libraries
Exports 0 functions
Resources 54 Resources
Sections 10 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 994,544 bytes 994,816 bytes 6.47 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 449126326C8FA94417D53871F57DD267
.itext 0x000f4000 3,388 bytes 3,584 bytes 5.99 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 99B95815D5F8F24F65D655A0FC912BB3
.data 0x000f5000 329,128 bytes 329,216 bytes 1.01 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 8A82597B0E7FCC0D8351CFD976E82F3F
.bss 0x00146000 24,380 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.idata 0x0014c000 14,226 bytes 14,336 bytes 5.24 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4DD210F5CE2AA60CD8051593ACDE2ADE
.didata 0x00150000 1,056 bytes 1,536 bytes 2.95 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 6AF64D8A21F7B2D3B67252F854DA63D9
.tls 0x00151000 72 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rdata 0x00152000 24 bytes 512 bytes 0.21 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 511E12CFA3208593E63B26F1E5CB4E20
.reloc 0x00153000 80,484 bytes 80,896 bytes 6.69 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 6DACBC0C2D286D555266A39AF9AD224F
.rsrc 0x00167000 298,856 bytes 299,008 bytes 2.21 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 8389051AEE22E4DEEDF405C2A3909560
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 54 (295,861 bytes)
Resource Type Count Total Size Percentage
RT_CURSOR 7 2,156 bytes 0.7%
RT_BITMAP 10 4,660 bytes 1.6%
RT_ICON 6 22,384 bytes 7.6%
RT_STRING 18 13,060 bytes 4.4%
RT_RCDATA 3 251,769 bytes 85.1%
RT_GROUP_CURSOR 7 140 bytes 0%
RT_GROUP_ICON 1 90 bytes 0%
RT_MANIFEST 2 1,602 bytes 0.5%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified.
Exercise caution when executing unsigned files from unknown sources.

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Malware.Win32.GenericMC.cc Removal

Gridinsoft has the capability to identify and eliminate Malware.Win32.GenericMC.cc without requiring further user intervention.

Removal Instructions

Follow these steps to completely remove the threat from your system:

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.
