The cacc1f36b3817e8b48fabbb4b4bd9d2f1949585c2f5170e3d2d04211861ef2ac exe File Malware Analysis
Gridinsoft Logo

The cacc1f36b3817e8b48fabbb4b4bd9d2f1949585c2f5170e3d2d04211861ef2ac.exe File Analysis

Updated 9 months ago
Checked by Malware Check
cacc1f36b3817e8b48fabbb4b4bd9d2f1949585c2f5170e3d2d04211861ef2ac.exe

Technical Analysis

File Name cacc1f36b3817e8b48fabbb4b4bd9d2f1949585c2f5170e3d2d04211861ef2ac.exe
File Type
Win32 DLL
Magic Bytes PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
SSDEEP Hash
384:VS3pp+ZDmX7jITNq7ojUMS5ew3Ph8v8sSUq0qzKU:Mpp+ZDmX7jITwkjUbk6a89
Scanner Version 1.0.210.174
Database Version 2025-03-17 13:00:57 UTC

Suspicious File Detected

Detected by 19 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
26%
Detection Rate
20,992
File Size (bytes)
19/73
Engines Detected
2025-03-17
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
1ba16655232828e33b7073046d64ecc0
SHA1
28aaf8be816eb44be4ec8a8c28e0ceabc2c7f065
SHA256
cacc1f36b3817e8b48fabbb4b4bd9d2f1949585c2f5170e3d2d04211861ef2ac
SHA512
4b6594b3738abe0baa0eff74acffa09de7bb038256fefea85407163d1bdfcedc01df95b6b5b1593ac8a25f19c7df572666221fe12b93fe9c1bc59289f60ccde2
ImpHash
39056f223674f7e814b515e67f59305a

Security Engines with Detections (19 of 73)

Elastic
malicious (moderate confidence) Malicious
McAfee
Artemis!1BA166552328 Malicious
Cylance
Unsafe Malicious
Symantec
ML.Attribute.HighConfidence Malicious
ESET-NOD32
Win64/Agent.FNN Malicious
Kaspersky
Trojan.Win64.Agentb.lcdz Malicious
Avast
Win64:TrojanX-gen [Trj] Malicious
McAfeeD
ti!CACC1F36B381 Malicious
Sophos
Mal/Generic-S Malicious
Ikarus
Trojan.Win64.Agent Malicious
Google
Detected Malicious
Varist
W64/ABTrojan.OQCQ-1420 Malicious
Cynet
Malicious (score: 100) Malicious
Fortinet
W32/PossibleThreat Malicious
Rising
Trojan.Agent!8.B1E (TFE:5:V0OFn431BY) Malicious
GData
Win64.Trojan.Agent.9WEKXP Malicious
AVG
Win64:TrojanX-gen [Trj] Malicious
DeepInstinct
MALICIOUS Malicious
alibabacloud
Trojan:Win/Agentb.lzhr Malicious
54 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x6e380000
Entry Point 0x6e381330
Compilation Time 2025-02-23 12:45:54
Checksum 0x00007844 (Actual: 0x00007844)
OS Version 4.0
PEiD Signatures PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 2 libraries
KERNEL32, msvcrt
Exports 1 functions
Resources 0 Resources
Sections 11 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 11,816 bytes 12,288 bytes 6.10 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_16BYTES 5E8D53D9A5C3B0FF7AD04755BA3288DA
.data 0x00004000 128 bytes 512 bytes 0.74 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_16BYTES 9E7C70484B1CBDBB724646952FA05A4C
.rdata 0x00005000 768 bytes 1,024 bytes 3.09 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_32BYTES 826920D677FEC3884DEDBA650FDED6F1
.pdata 0x00006000 660 bytes 1,024 bytes 2.85 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_4BYTES 5803BC5B72C681BD5DDE563426508C79
.xdata 0x00007000 556 bytes 1,024 bytes 2.77 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_4BYTES C2384131CE6508CB42695E492E755C50
.bss 0x00008000 2,848 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_32BYTES D41D8CD98F00B204E9800998ECF8427E
.edata 0x00009000 67 bytes 512 bytes 0.65 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_4BYTES A37126E1C5C2BF36BC6B12B3100381D5
.idata 0x0000a000 1,764 bytes 2,048 bytes 3.65 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_4BYTES 11163240EE9FA05A4FDC1842E9CCDB63
.CRT 0x0000b000 88 bytes 512 bytes 0.20 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_8BYTES 97D23BFFE61302CF3FBA93FBE58B162D
.tls 0x0000c000 16 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_8BYTES BF619EAC0CDF3F68D496EA9344137E8B
.reloc 0x0000d000 100 bytes 512 bytes 1.06 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_4BYTES 92D07A3A4415CFBF58D5CA867B312125

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
19 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware