Gridinsoft Logo
File Icon

The 2hsu.exe File Analysis

Updated 3 months ago
Checked by Malware Check
2hsu.exe

Technical Analysis

File Name 2hsu.exe
File Type
PE32+ executable (console) x86-64, for MS Windows
Scanner Version 1.0.226.174
Database Version 2025-10-08 03:00:37 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
66,634,910
File Size (bytes)
2025-10-08
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
79215b7e715578afa30b8f7e50946f6d
SHA1
c4582a1b71b254a09835b631676dd416b743e8ab
SHA256
c7c869d7528b0cdd6444aee45f680a6aa5503fdb15842270ba0dc90afd6dd728
SHA512
2b71af0b38d1290ad3e1e1413cda5682512bf8b4b7e1af46c317e70351b7e37d27836025e5cd8b9cc65be46334116f05aa2ab94c5bc854d5702c0a7ee7b37a36
ImpHash
351592d5ead6df0859b0cc0056827c95

PE Analysis

Basic Information

Icon
Hash: bf590806976e4c40c01a4e5a74044d60
Fuzzy: d7b90dfc16efabf5fde7309471de7795
dHash: 808c90f2eac68ada
Image Base 0x140000000
Entry Point 0x14000cf30
Compilation Time 2025-09-26 13:10:58
Checksum 0x03f8f8fc (Actual: 0x03f8f8fc)
OS Version 6.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 3 libraries
USER32, KERNEL32, ADVAPI32
Exports 0 functions
Resources 9 Resources
Sections 7 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 184,752 bytes 184,832 bytes 6.48 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 41C2B5E44758036E91A3F8D9B04C968E
.rdata 0x0002f000 79,578 bytes 79,872 bytes 5.75 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6A423EE1BB869C68E83810D1AD0E05EE
.data 0x00043000 20,656 bytes 3,584 bytes 1.83 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 03BE87F74B83CF5FB04C525B81B27C53
.pdata 0x00049000 9,288 bytes 9,728 bytes 5.33 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 128CAF62F437B202260DA7396DDD0BF7
.fptable 0x0004c000 256 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x0004d000 19,432 bytes 19,456 bytes 7.85 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ DF10611FCAD440011E8D69A95DD5D9AF
.reloc 0x00052000 1,904 bytes 2,048 bytes 5.27 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ CA65027011CD43E1DCB6AC16B46171A4
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 9 (18,899 bytes)
Resource Type Count Total Size Percentage
RT_ICON 7 17,502 bytes
92.6%
RT_GROUP_ICON 1 104 bytes
0.6%
RT_MANIFEST 1 1,293 bytes
6.8%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware