Please ensure you understand and agree with our data protection policy before using this site. Review Policy
Online Virus Checker | v.1.0.180.174 |
DB Version: | 2024-06-24 20:00:17 |
This is a generic detection name used to identify a potentially harmful or suspicious file or program that exhibits characteristics of a Trojan horse. It is malware that disguises itself as a legitimate or benign program but contains malicious code or functions.
File | VencordInstaller.exe |
Checked | 2024-06-24 17:50:38 |
MD5 | 1b8ee61ddcfd1d425821d76ea54ca829 |
SHA1 | f8daf2bea3d4a6bfc99455d69c3754054de3baa5 |
SHA256 | dc0826657a005009f43bdc3a0933d08352f8b22b2b9b961697a2db6e9913e871 |
SHA512 | 75ba16ddc75564e84f5d248326908065942ad50631ec30d7952069caee15b8c5411a8802d25d38e9d80e042f1dde97a0326f4ab4f1c90f8e4b81396ca69c229a |
Imphash | ce9ecabbb6408a2b520b3cef22e5752f |
File Size | 10339840 bytes |
Gridinsoft has the capability to identify and eliminate Ransom.Win64.Gen.tr without requiring further user intervention.
Comments | Comments |
CompanyName | Vencord |
FileDescription | Vencord Installer |
LegalCopyright | © 2023 Vendicated and Contributors - GPL3.0 |
ProductName | Vencord Installer |
ProductVersion | |
Translation | 0x0409 0x04b0 |
14d9563ae8a495c308beef074f07e18d 29991bef794b76ddc325cb42ea549f2d 32d2c2d29491d264 |
|
Image Base: | 0x140000000 |
Entry Point: | 0x1400014c0 |
Compilation: | 1970-01-01 00:00:00 |
Checksum: | 0x009e516f (Actual: 0x009e712f) |
OS Version: | 6.1 |
PEiD: | PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 12 |
Imports: | GDI32, KERNEL32, msvcrt, OPENGL32, SHELL32, USER32, |
Exports: | 27 |
Resources: | 11 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x005ead70 | 0x005eae00 | 0dbf27c96a155945b2a3995a09c0b606 | 6.37 |
.data | 0x005ec000 | 0x00049dd0 | 0x00049e00 | 908c2114790974b1d79a61a19d934d62 | 4.71 |
.rdata | 0x00636000 | 0x00324200 | 0x00324200 | ee7ae28352ac7092c98340f8de8bb0dc | 5.84 |
.pdata | 0x0095b000 | 0x0002cd78 | 0x0002ce00 | d8c8a3b4ab8519e3fc78defed1632b49 | 6.19 |
.xdata | 0x00988000 | 0x00029734 | 0x00029800 | 791c489ae34755c97e7adec7890cdc77 | 5.22 |
.bss | 0x009b2000 | 0x00895cc0 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.edata | 0x01248000 | 0x000002f2 | 0x00000400 | 5a4cba0f708e93d90fabb28af183a314 | 4.52 |
.idata | 0x01249000 | 0x00002d44 | 0x00002e00 | c7466dde06dd5a53077cdce1f8d1d452 | 4.96 |
.CRT | 0x0124c000 | 0x00000070 | 0x00000200 | 1f67e814b33b8b93af19e7f196a78772 | 0.48 |
.tls | 0x0124d000 | 0x00000010 | 0x00000200 | bf619eac0cdf3f68d496ea9344137e8b | 0.00 |
.rsrc | 0x0124e000 | 0x0001a588 | 0x0001a588 | ef5f5fcb328953664b35d41784ed7f38 | 2.62 |
.reloc | 0x01269000 | 0x0000f1dc | 0x0000f200 | 41964bc1ead3c6225a52273e86d716e8 | 5.44 |