The tv_reg_import.exe File Analysis

Technical Analysis

File Name tv_reg_import.exe
File Type Win32 EXE
Magic Bytes PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
SSDEEP Hash 49152:90l4q4HDJU8JgPerb/TfvO90d7HjmAFd4A64nsfJJ/i1STC3gi5gNuS+N9ZmQND+:wzYJUKUYRaveKyj
Scanner Version 1.0.231.174
Database Version 2025-12-14 09:00:29 UTC

Suspicious File Detected

Detected by 3 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
Detection Rate 4%
File Size (bytes) 2,941,440
Engines Detected 3/72
Analysis Date 2025-12-14

File Identification

Hash Type Value
MD5 b8e5cdc152a25aac68dea8a6879239bf
SHA1 5b2467ecfb3280a9db34a2528cbecc7e002a92e1
SHA256 bc8fd7f99271c5ea6b004965cab632f335e288ba97b0e6e5bb77e4c11cce2d6d
SHA512 48ae218375d2e4a75cfc5a7814dfedd2ecb081c428e7ff44c9e0fd661a0d8bb3ada0ee8d924235f7f54891605bec0b09bba851c253abf2410c667ec237dce104
ImpHash f0ea7b7844bbc5bfa9bb32efdcea957c

Security Engines with Detections (3 of 72)

Bkav W64.AIDetectMalware Malicious
Microsoft Trojan:Win32/Wacatac.B!ml Malicious
MaxSecure Trojan.Malware.300983.susgen Malicious

69 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x00400000
Entry Point 0x00463d00
Compilation Time 1970-01-01 00:00:00
Checksum 0x00000000 (Actual: 0x002d1b43)
OS Version 6.1
PEiD Signatures PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 1 library (kernel32)
Exports 0 functions
Resources 0 Resources
Sections 13 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 866,879 bytes 867,328 bytes 6.19 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 07C70D76DDAEAEA13C116A01E7141967
.rdata 0x000d5000 901,536 bytes 901,632 bytes 5.38 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 07CDD42F9A684B553F067471902212B0
.data 0x001b2000 471,504 bytes 107,520 bytes 4.52 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 2F77E37CC48733754DDC69919DBDF519
/4 0x00226000 295 bytes 512 bytes 5.10 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES 43DC7A0AE5A7067502907DB800396667
/19 0x00227000 169,787 bytes 169,984 bytes 7.99 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES EFCAB7683FF6463DA5D00F5C28783533
/32 0x00251000 31,731 bytes 31,744 bytes 7.94 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES C72ABF8BE2DC5B78EF335767911C37F4
/46 0x00259000 48 bytes 512 bytes 0.86 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES 40CCA7C46FC713B4F088E5D440CA7931
/65 0x0025a000 449,027 bytes 449,536 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES 9925A48136D13EBD25EC12D81E1C8360
/78 0x002c8000 182,097 bytes 182,272 bytes 7.99 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES 6F4A260D0CD901B1AD0EDCB993A00F80
/90 0x002f5000 54,427 bytes 54,784 bytes 7.79 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES 3B1B7EA1D105DFB2221B380E008C7D3F
.idata 0x00303000 1,168 bytes 1,536 bytes 3.59 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 2F38C01575216C6F21873D1C0F655F28
.reloc 0x00304000 14,902 bytes 15,360 bytes 5.39 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ E93BCB227B8C0E29475F8121B3FE2802
.symtab 0x00308000 156,745 bytes 157,184 bytes 5.24 (Normal) IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 438D8BDC60116C274313712524AA8A2C

Entropy Analysis Alert

5 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Proactive Protection
3 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.