The pivot_v5-2.exe (Pivot Animator) File Analysis

Technical Analysis

File Name: pivot_v5-2.exe
File Type: Win32 EXE
Magic Bytes: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
SSDEEP Hash: 12288:zymCv84Lnka4eec2ZZEhl3qgi4JpXBLUbBinP7:zIv84Lnk5LEhl3qZs1P7
Scanner Version: 1.0.194.174
Database Version: 2024-10-23 16:00:38 UTC

Suspicious File Detected

Detected by 33 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
Detection Rate: 46%
File Size (bytes): 676,576
Engines Detected: 33/72
Analysis Date: 2024-10-23

File Identification

Hash Type Value Action
MD5
f577fc68521d8ca399edd72ac913255d
SHA1
8ff05351f4d8f3c4c80ed4985590e8ab1b989ea1
SHA256
ae9e4974652dc907c017d94d511f1c4cbab72b8c440c052f38acac86279eb509
SHA512
ce2497db91582a1d21093e1e08fd33bb91d7f93081045e716cc46c2b4b24f65ec4dbe8ce7149109c4a713b55a13706cfda967fdbd466d3c1c00024f4761f0e38
ImpHash
f34d5f2d4577ed6d9ceec516c1f5a744

Security Engines with Detections (33 of 72)

Bkav
W32.Common.C13B6AB3 Malicious
Lionic
Adware.Win32.DotSetupIo.2!c Malicious
Elastic
malicious (high confidence) Malicious
CAT-QuickHeal
PUA.AgentFC.S32895219 Malicious
Cylance
Unsafe Malicious
CrowdStrike
win/grayware_confidence_100% (D) Malicious
K7GW
Adware ( 0057a4c31 ) Malicious
K7AntiVirus
Adware ( 0057a4c31 ) Malicious
ESET-NOD32
a variant of MSIL/DotSetupIo.A potentially unwanted Malicious
NANO-Antivirus
Riskware.Win32.DotSetupIo.kjwlne Malicious
ViRobot
Adware.Dotsetupio.676576.J Malicious
Rising
PUF.DotSetupIo!8.126B6 (CLOUD) Malicious
Emsisoft
Application.Generic (A) Malicious
DrWeb
Adware.DownwareNET.4 Malicious
SentinelOne
Static AI - Malicious PE Malicious
Sophos
Generic Reputation PUA (PUA) Malicious
Ikarus
PUA.MSIL.Dotsetupio Malicious
Webroot
W32.Adware.Gen Malicious
Google
Detected Malicious
Varist
W32/MSIL_Agent.HPE.gen!Eldorado Malicious
Xcitium
ApplicUnwnt@#3tot0awftbzrs Malicious
Microsoft
PUABundler:Win32/PivotAnimator_BundleInstaller Malicious
SUPERAntiSpyware
Trojan.Agent/Gen-Marsilia Malicious
GData
MSIL.Application.DotSetupIO.A Malicious
AhnLab-V3
PUP/Win.DotSetup.C5590604 Malicious
VBA32
TScope.Trojan.MSIL Malicious
Malwarebytes
PUP.Optional.BundleInstaller Malicious
Panda
PUP/BundleInstaller Malicious
Yandex
Riskware.Agent!h3P2T+oryQw Malicious
MaxSecure
Trojan.Malware.233655569.susgen Malicious
Fortinet
Adware/DotSetupIo Malicious
DeepInstinct
MALICIOUS Malicious
alibabacloud
Trojan:MSIL/DotSetupIo.A Malicious
39 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 223dbfd2e1a15b5408f3304ac6fe6157
Fuzzy: 193ffd903e7b473b024c46c62d3ac866
dHash: c8b631b2b433a2cc
Image Base 0x00400000
Entry Point 0x00497bc2
Compilation Time 2024-02-15 17:46:37
Checksum 0x000b4df3 (Actual: 0x000b4df3)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Digital Signature OK
Imports 1 libraries
mscoree
Exports 0 functions
Resources 6 Resources
Sections 3 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00002000 613,336 bytes 613,376 bytes 7.10 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 4DD64015BEA2CBA885831FC83E6A2E87
.rsrc 0x00098000 51,242 bytes 51,712 bytes 7.43 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 020AD12A18B7154D2E289A056C6E4E27
.reloc 0x000a6000 12 bytes 512 bytes 0.10 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 8E720F2F8F33891C9DE5CED855ABE900
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 6 (50,842 bytes)
Resource Type Count Total Size Percentage
RT_ICON 3 46,806 bytes 92.1%
RT_GROUP_ICON 1 48 bytes 0.1%
RT_VERSION 1 856 bytes 1.7%
RT_MANIFEST 1 3,132 bytes 6.2%

Certificate Chain Analysis

Certificate Information
Product Pั–votstั–ck
Description Pivot Animator
File Version 1.92.3.8643
Original Name Pivot.exe
Signing Date 05:47 PM 02/15/2024 (533 days ago)
Verification Status Signed
Signers Motus Software Ltd; Domain The Net Technologies Ltd CA for Code Signing R2; SSL.com Code Signing Enterprise Intermediate CA RSA R1; SSL.com Root Certification Authority RSA
Counter Signers Sectigo RSA Time Stamping Signer #4; Sectigo RSA Time Stamping CA; Sectigo
Internal Name Pivot.exe
Copyright Copyright Pั–votstั–ck
Certificate Chain Summary
Motus Software Ltd #1 Primary
Validity Period: 2023-04-16 13:42:57 → 2024-03-30 17:10:47
Signature Algorithm: sha256RSA
Serial Number: 6C D9 2D 7F A0 D1 38 F5 7F 8F 20 2E 2D 65 58 AF
SSL.com Code Signing Enterprise Intermediate CA RSA R1 #2 Chain
Validity Period: 2019-03-26 17:33:21 → 2034-03-22 17:33:21
Signature Algorithm: sha256RSA
Serial Number: 5B 7F 54 38 25 E4 1A A1 2A DE 21 43 9C DF E6 6F
Sectigo RSA Time Stamping CA #3 Chain
Validity Period: 2019-05-02 00:00:00 → 2038-01-18 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 30 0F 6F AC DD 66 98 74 7C A9 46 36 A7 78 2D B9
Sectigo RSA Time Stamping Signer #4 #4 Chain
Validity Period: 2023-05-03 00:00:00 → 2034-08-02 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 39 4C 25 E1 7C A0 6D 27 A8 65 E2 3B D9 1D 22 D4
Domain The Net Technologies Ltd CA for Code Signing R2 #5 Chain
Validity Period: 2019-04-01 17:10:47 → 2024-03-30 17:10:47
Signature Algorithm: sha256RSA
Serial Number: 5E 1B 74 73 09 52 B1 FA 3E 0D 4A 9C 50 A8 DA BE

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This Is the Result of an Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
33 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.
