The EditorAppLogic.dll File Analysis

Updated 1 second ago

Checked by Malware Check

EditorAppLogic.dll

Technical Analysis

File Name	EditorAppLogic.dll
File Type	Win32 DLL
Magic Bytes	`PE32+ executable (DLL) (GUI) x86-64, for MS Windows`
SSDEEP Hash	98304:sUIuiJ9oapGck552LDhbmOKtiuDV8j5ZOVNee/ZBzLLBlWbPgGm:3IwapKMDhCOKhpM5Z89fLOUp
Scanner Version	1.0.218.174
Database Version	2025-06-18 14:00:21 UTC

⚠

Suspicious File Detected

Detected by 11 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

15%

Detection Rate

4,260,160

File Size (bytes)

11/72

Engines Detected

2025-06-18

Analysis Date

Scan Another File

File Identification

Hash Type	Value	Action
MD5	0a7fcbada9d0e154cecd4e65a24da345
SHA1	210301381b226575c4ee2b73aab6c233d6bb824f
SHA256	adcadfe6478893e3590dbdaaebf90e4008f156b48796a4a7041669e842acd967
SHA512	246fd14503cfb2803e1abfa4a05752f1a72e9830720ce3f416d0d30ed0a051cefd7fbd7e375b962e74398cff16caba9086ff3c2725ebd8530e7c9cb31e80ccda
ImpHash	55af79a914b383748bd452bea78d859a

Security Engines with Detections (11 of 72)

Skyhigh

BehavesLike.Win64.Generic.rc Malicious

Cylance

Unsafe Malicious

CrowdStrike

win/malicious_confidence_70% (D) Malicious

ESET-NOD32

a variant of Win64/Packed.Enigma.BV Malicious

McAfeeD

ti!ADCADFE64788 Malicious

Ikarus

Win32.Infector Malicious

Google

Detected Malicious

Antiy-AVL

RiskWare[Packed]/Win32.Enigma.a Malicious

Microsoft

Trojan:Win32/Wacatac.B!ml Malicious

Varist

W64/Enigma.G.gen!Eldorado Malicious

Rising

[email protected] (TAGGANT:3I/0cs8pJWoNr59Fx+mO7g) Malicious

61 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

▼

Image Base	`0x180000000`
Entry Point	`0x181268920`
Compilation Time	2025-06-16 07:03:49
Checksum	0x00233157 (Actual: 0x00418336)
OS Version	6.0
PEiD Signatures	`PE32+ executable (DLL) (GUI) x86-64, for MS Windows`
Digital Signature	No valid SignedData structure was found.
Imports	62 libraries
Exports	506 functions
Resources	1 Resources
Sections	9 Sections

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
	`0x00001000`	1,515,520 bytes	376,320 bytes	8.00 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`BC7E9A92361B07B625704DEA08DF4B3B`
	`0x00173000`	561,152 bytes	123,904 bytes	8.00 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`F9E7693514369B8A2F881CD2159FDFB8`
	`0x001fc000`	81,920 bytes	9,216 bytes	7.89 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`3C36B0B681B186EE4EFFF4C3DCF97E1B`
	`0x00210000`	102,400 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D41D8CD98F00B204E9800998ECF8427E`
	`0x00229000`	4,096 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D41D8CD98F00B204E9800998ECF8427E`
	`0x0022a000`	12,288 bytes	3,072 bytes	7.28 (Compressed)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`DB1F06169B347A08C377B8B0EB3FD6FA`
`.rsrc`	`0x0022d000`	4,096 bytes	512 bytes	4.72 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`C7E4C07C9AE848AC50FF4180462D1488`
	`0x0022e000`	13,590,528 bytes	304,128 bytes	8.00 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`73A934DD6949B4FE493E65F5AE9247B6`
	`0x00f24000`	3,436,544 bytes	3,432,960 bytes	7.95 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`3C56929C9AAE0BDA17D5843ECFBEE472`

Entropy Analysis Alert

5 section(s) with high entropy (≥7.5) detected - possible packing/encryption

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

▼

Total Resources: 1 (381 bytes)

Resource Type	Count	Total Size	Percentage
RT_MANIFEST	1	381 bytes	100%

Certificate Chain Analysis

▼