Gridinsoft Logo
File Icon

The PixelSee_id3292249id.exe (PixelSee Player Installer) File Analysis

Updated 1 year ago
Checked by Malaware Check
PixelSee_id3292249id.exe

Technical Analysis

File Name PixelSee_id3292249id.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
98304:F8g1ahfZU6b40BPkB6KxmqCIOpzlod3ZakAwTHQGaXIoOf8unJE8e:FpifZU6brBMB7xmqCIO+lAwTwGkIoOVY
Scanner Version 1.0.170.174
Database Version 2024-03-27 03:00:24 UTC

Suspicious File Detected

Detected by 22 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

Convagent is riskware or adware that displays unwanted advertisements and generates revenue through user interactions and ad clicks.
31%
Detection Rate
4,978,064
File Size (bytes)
22/72
Engines Detected
2024-03-27
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
d060b778c966e239767c30d87388efd4
SHA1
7c5055a889fd5d41fcbef337cfed157ad8c34eac
SHA256
cea1d7a2be59517bce14e1df4780758960ca9c2f2dd71f432dc4e957445be2ac
SHA512
4bc53b3c75667963819f84f666eb951429edb628a88ba85766885d297d99502584462c9e38501ed4b89cdb23c5d36e8180dba9b5605bd85d5056585ea267991a
ImpHash
0de0406fdd78b05cf36237b5d0fda439

Security Engines with Detections (22 of 72)

Bkav
W32.Common.A8B740D7 Malicious
Skyhigh
Artemis!Trojan Malicious
McAfee
Artemis!D060B778C966 Malicious
Malwarebytes
PUP.Optional.PixelSee Malicious
TrendMicro-HouseCall
TROJ_GEN.R002H07CD24 Malicious
Kaspersky
not-a-virus:HEUR:Server-Proxy.Win32.Convagent.gen Malicious
Avast
Win32:PUP-gen [PUP] Malicious
Jiangmin
Server-Proxy.Convagent.f Malicious
Microsoft
PUABundler:Win32/MediaGet Malicious
ZoneAlarm
not-a-virus:HEUR:Server-Proxy.Win32.Convagent.gen Malicious
GData
Win32.Application.Agent.4MIKFU Malicious
Cynet
Malicious (score: 100) Malicious
AhnLab-V3
PUP/Win.BundleInstaller.C5601846 Malicious
VBA32
BScope.Adware.MediaGet Malicious
Cylance
unsafe Malicious
Ikarus
PUA.Agent Malicious
MaxSecure
Trojan.Malware.115722436.susgen Malicious
Fortinet
Riskware/Application Malicious
AVG
Win32:PUP-gen [PUP] Malicious
DeepInstinct
MALICIOUS Malicious
CrowdStrike
win/grayware_confidence_60% (D) Malicious
alibabacloud
ProxyTool:Win/Convagent.gen Malicious
50 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 28899361782e78fdaa1303b528ba98ce
Fuzzy: e499e90b5ddbb5548ab4ab1ed89a7470
dHash: c4d0c48484c4d0c4
Image Base 0x00400000
Entry Point 0x0066490f
Compilation Time 2024-02-28 15:35:50
Checksum 0x004cb516 (Actual: 0x004cb516)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature OK
Imports 16 libraries
Exports 0 functions
Resources 10 Resources
Sections 5 Sections

Version Information

Comments PixelSee Player Installer
CompanyName SIA Circle Solutions
FileDescription PixelSee Player Installer
FileVersion 14.0.0.0
InternalName pixelsee
LegalCopyright Copyright � 2022-2023 SIA Circle Solutions
OriginalFilename pixelsee
PrivateBuild 0
ProductName PixelSee
ProductVersion 14.0.0.0
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 2,725,764 bytes 2,725,888 bytes 6.76 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 98B31D2F8ED6C5CF39BCA79FB5E684B2
.rdata 0x0029b000 732,302 bytes 732,672 bytes 6.18 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5E1E0E61CA26B0B87EF9E65DB49675A9
.data 0x0034e000 52,544 bytes 25,600 bytes 3.96 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 1CDFAEA2392EBCF8DC9481F1B3E3161A
.rsrc 0x0035b000 1,365,120 bytes 1,365,504 bytes 7.94 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 40134EF56BDF6D923DA3C664C03B1F18
.reloc 0x004a9000 106,940 bytes 107,008 bytes 6.66 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ F8132AA4505DBFD384144D127366521B
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 10 (1,364,291 bytes)
Resource Type Count Total Size Percentage
ARCHIVE_7Z 2 1,133,049 bytes
83.1%
CRT 1 227,153 bytes
16.6%
RT_ICON 1 2,223 bytes
0.2%
RT_DIALOG 1 272 bytes
0%
RT_ACCELERATOR 1 112 bytes
0%
RT_GROUP_ICON 1 20 bytes
0%
RT_VERSION 1 900 bytes
0.1%
RT_MANIFEST 1 392 bytes
0%
None 1 170 bytes
0%

Certificate Chain Analysis

Certificate Information
Product PixelSee
Description PixelSee Player Installer
File Version 14.0.0.0
Original Name pixelsee
Signing Date 03:36 PM 02/28/2024 (464 days ago)
Verification Status Signed
Signers SIA Circle Solutions; Sectigo Public Code Signing CA R36; Sectigo Public Code Signing Root R46; Sectigo (AAA)
Counter Signers Sectigo RSA Time Stamping Signer #4; Sectigo RSA Time Stamping CA; Sectigo
Internal Name pixelsee
Copyright Copyright � 2022-2023 SIA Circle Solutions
Certificate Chain Summary
Sectigo Public Code Signing Root R46 #1 Primary
Validity Period: 2021-05-25 00:00:00 → 2028-12-31 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 48 FC 93 B4 60 55 94 8D 36 A7 C9 8A 89 D6 94 16
Sectigo Public Code Signing CA R36 #2 Chain
Validity Period: 2021-03-22 00:00:00 → 2036-03-21 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 62 1D 6D 0C 52 01 9E 3B 90 79 15 20 89 21 1C 0A
SIA Circle Solutions #3 Chain
Validity Period: 2023-05-26 00:00:00 → 2026-05-25 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 6A D9 43 81 15 E1 71 7C D5 5B 8B D8 76 C8 9C CD
Sectigo RSA Time Stamping CA #4 Chain
Validity Period: 2019-05-02 00:00:00 → 2038-01-18 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 30 0F 6F AC DD 66 98 74 7C A9 46 36 A7 78 2D B9
Sectigo RSA Time Stamping Signer #4 #5 Chain
Validity Period: 2023-05-03 00:00:00 → 2034-08-02 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 39 4C 25 E1 7C A0 6D 27 A8 65 E2 3B D9 1D 22 D4

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
22 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware