
The AimStar-UserMode.exe File Analysis

Technical Analysis

File Name AimStar-UserMode.exe
File Type Win32 EXE
Magic Bytes PE32+ executable (console) x86-64, for MS Windows
SSDEEP Hash 49152:8FPogg5x39Crj6/qR2094n+I2L1dCh5QcmYDwe:Wg5Z9Crj6/qqn+I2L1Y5Fqe
Scanner Version 1.0.193.174
Database Version 2024-10-21 14:00:27 UTC

Suspicious File Detected

Detected by 25 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

GameHack refers to game modification tools that manipulate game mechanics to provide unfair advantages, violating game terms of service and fair play principles.
Detection Rate 34%
File Size (bytes) 2,140,672
Engines Detected 25/73
Analysis Date 2024-10-21


File Identification

Hash Type Value
MD5 e6860be9c52c996643ebf188d84b4195
SHA1 b6fda75e70c9c476baa79c2c1c53a0ed969d2494
SHA256 c5a5c23afe444de842d1b9fceb233ae2b18ca569e076e1f5ccf45924f2cbdb4d
SHA512 b7a060b1e9f2cb2cb6c3cb41e46311afcedf1e1a025a3ed0673348a1dde61a96edb964f7c23cdce4ffd7ad11d1853572c2713361f1b0e466cb3c7511b34e25ae
ImpHash 64c8fcabed5c0e8a17102f0590aff01b

Security Engines with Detections (25 of 73)

Engine | Detection | Verdict
Bkav | W64.AIDetectMalware | Malicious
Lionic | Trojan.Win32.GameHack.4!c | Malicious
Elastic | malicious (high confidence) | Malicious
CTX | exe.trojan.agen | Malicious
Cylance | Unsafe | Malicious
Sangfor | Trojan.Win32.Save.a | Malicious
CrowdStrike | win/malicious_confidence_60% (D) | Malicious
Symantec | ML.Attribute.HighConfidence | Malicious
ESET-NOD32 | a variant of Win64/GameHack_AGen.YE potentially unsafe | Malicious
APEX | Malicious | Malicious
ClamAV | Win.Packed.Vmprotect-10022754-0 | Malicious
McAfeeD | ti!C5A5C23AFE44 | Malicious
Sophos | Generic Reputation PUA (PUA) | Malicious
Ikarus | Trojan.Win64.Krypt | Malicious
Varist | W64/ABApplication.FOVO-9350 | Malicious
Antiy-AVL | GrayWare/Win32.Caypnamer | Malicious
Microsoft | PUA:Win32/Puwaders.C!ml | Malicious
Google | Detected | Malicious
AhnLab-V3 | Trojan/Win.Generic.R669504 | Malicious
McAfee | Artemis!E6860BE9C52C | Malicious
Malwarebytes | Neshta.Virus.FileInfector.DDS | Malicious
Rising | PUA.GameHack!8.223 (CLOUD) | Malicious
SentinelOne | Static AI - Suspicious PE | Malicious
Fortinet | Adware/GameHack_AGen | Malicious
DeepInstinct | MALICIOUS | Malicious
48 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 3b1b6e1e0aa30bd9dabd9e7d8835b5fa
Fuzzy: 39b6e055f5629b692fc8b698a73058d2
dHash: f0d4aaaaaaaad4f0
Image Base 0x140000000
Entry Point 0x1400dc394
Compilation Time 2024-10-17 12:16:51
Checksum 0x00000000 (Actual: 0x00210769)
OS Version 6.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
PDB Path H:\Visual Studio Project\AimStar-Main\x64\Ring3\AimStar-Ring3.pdb
Digital Signature No valid SignedData structure was found.
Imports 26 libraries
Exports 0 functions
Resources 7 Resources
Sections 7 Sections

Version Information

FileVersion 1.0.0.0
InternalName AimStar.exe
LegalCopyright Copyright (C) 2023
OriginalFilename CS2.exe
ProductName AimStar Cheat
ProductVersion 1.0.0.0
Translation 0x0804 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 948,999 bytes 949,248 bytes 6.56 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 9738686CA5E601688B2B80509A270334
.rdata 0x000e9000 152,048 bytes 152,064 bytes 6.08 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F09B1588FDE836AC6BF0EF507AFE3230
.data 0x0010f000 741,336 bytes 735,744 bytes 7.10 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE C99068E76AD2C9C34D48777E844D5559
.pdata 0x001c4000 30,492 bytes 30,720 bytes 6.06 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 0E0CAC646FE63447D65641850B2D4CB3
_RDATA 0x001cc000 115,248 bytes 115,712 bytes 6.22 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 71B09407F8AAB64E75B3F66A6AC27A90
.rsrc 0x001e9000 154,368 bytes 154,624 bytes 6.79 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A3EEE02A949B6A458C17495927EC8876
.reloc 0x0020f000 1,272 bytes 1,536 bytes 4.91 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 92A376EE4C81D86BE34AB93C7259EA43
Entropy Analysis Alert

3 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 7 (153,915 bytes)
Resource Type Count Total Size Percentage
RT_ICON 4 152,893 bytes 99.3%
RT_GROUP_ICON 1 62 bytes 0%
RT_VERSION 1 568 bytes 0.4%
RT_MANIFEST 1 392 bytes 0.3%

Certificate Chain Analysis

Certificate Information
Product AimStar Cheat
File Version 1.0.0.0
Original Name CS2.exe
Internal Name AimStar.exe
Copyright Copyright (C) 2023

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: this is the result of an online virus scanner.


Proactive Protection
25 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.
