The VencordInstaller exe (Vencord Installer) Vencord File Malware Analysis

The VencordInstaller.exe (Vencord Installer) File Analysis

Updated 16 hours ago

Checked by Malware Check

VencordInstaller.exe

Hash Type	Value	Action
MD5	1b8ee61ddcfd1d425821d76ea54ca829
SHA1	f8daf2bea3d4a6bfc99455d69c3754054de3baa5
SHA256	dc0826657a005009f43bdc3a0933d08352f8b22b2b9b961697a2db6e9913e871
SHA512	75ba16ddc75564e84f5d248326908065942ad50631ec30d7952069caee15b8c5411a8802d25d38e9d80e042f1dde97a0326f4ab4f1c90f8e4b81396ca69c229a
ImpHash	ce9ecabbb6408a2b520b3cef22e5752f

Hash Type

Value

Action

MD5

1b8ee61ddcfd1d425821d76ea54ca829

SHA1

f8daf2bea3d4a6bfc99455d69c3754054de3baa5

SHA256

dc0826657a005009f43bdc3a0933d08352f8b22b2b9b961697a2db6e9913e871

SHA512

75ba16ddc75564e84f5d248326908065942ad50631ec30d7952069caee15b8c5411a8802d25d38e9d80e042f1dde97a0326f4ab4f1c90f8e4b81396ca69c229a

ImpHash

ce9ecabbb6408a2b520b3cef22e5752f

PE Analysis

Basic Information

▼

Icon	Hash: 14d9563ae8a495c308beef074f07e18d Fuzzy: 29991bef794b76ddc325cb42ea549f2d dHash: 32d2c2d29491d264
Image Base	`0x140000000`
Entry Point	`0x1400014c0`
Compilation Time	1970-01-01 00:00:00
Checksum	0x009e516f (Actual: 0x009e712f)
OS Version	6.1
PEiD Signatures	`PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows`
Digital Signature	No valid SignedData structure was found.
Imports	6 libraries GDI32, KERNEL32, msvcrt, OPENGL32, SHELL32, USER32
Exports	27 functions
Resources	11 Resources
Sections	12 Sections

Version Information

▼

Comments	Comments
CompanyName	Vencord
FileDescription	Vencord Installer
LegalCopyright	© 2023 Vendicated and Contributors - GPL3.0
ProductName	Vencord Installer
ProductVersion
Translation	0x0409 0x04b0

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	6,204,784 bytes	6,204,928 bytes	6.37 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_ALIGN_32BYTES`	`0DBF27C96A155945B2A3995A09C0B606`
`.data`	`0x005ec000`	302,544 bytes	302,592 bytes	4.71 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE\|IMAGE_SCN_ALIGN_32BYTES`	`908C2114790974B1D79A61A19D934D62`
`.rdata`	`0x00636000`	3,293,696 bytes	3,293,696 bytes	5.84 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_ALIGN_32BYTES`	`EE7AE28352AC7092C98340F8DE8BB0DC`
`.pdata`	`0x0095b000`	183,672 bytes	183,808 bytes	6.19 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_ALIGN_4BYTES`	`D8C8A3B4AB8519E3FC78DEFED1632B49`
`.xdata`	`0x00988000`	169,780 bytes	169,984 bytes	5.22 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_ALIGN_4BYTES`	`791C489AE34755C97E7ADEC7890CDC77`
`.bss`	`0x009b2000`	9,002,176 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_CNT_UNINITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE\|IMAGE_SCN_ALIGN_32BYTES`	`D41D8CD98F00B204E9800998ECF8427E`
`.edata`	`0x01248000`	754 bytes	1,024 bytes	4.52 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_ALIGN_4BYTES`	`5A4CBA0F708E93D90FABB28AF183A314`
`.idata`	`0x01249000`	11,588 bytes	11,776 bytes	4.96 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE\|IMAGE_SCN_ALIGN_4BYTES`	`C7466DDE06DD5A53077CDCE1F8D1D452`
`.CRT`	`0x0124c000`	112 bytes	512 bytes	0.48 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE\|IMAGE_SCN_ALIGN_8BYTES`	`1F67E814B33B8B93AF19E7F196A78772`
`.tls`	`0x0124d000`	16 bytes	512 bytes	0.00 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE\|IMAGE_SCN_ALIGN_8BYTES`	`BF619EAC0CDF3F68D496EA9344137E8B`
`.rsrc`	`0x0124e000`	107,912 bytes	107,912 bytes	2.62 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE\|IMAGE_SCN_ALIGN_4BYTES`	`EF5F5FCB328953664B35D41784ED7F38`
`.reloc`	`0x01269000`	61,916 bytes	61,952 bytes	5.44 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_ALIGN_4BYTES`	`41964BC1EAD3C6225A52273E86D716E8`

Resource Analysis

▼

Total Resources: 11 (105,960 bytes)

Resource Type	Count	Total Size	Percentage
RT_ICON	7	104,279 bytes	98.4%
RT_GROUP_ICON	2	110 bytes	0.1%
RT_VERSION	1	620 bytes	0.6%
RT_MANIFEST	1	951 bytes	0.9%

Certificate Chain Analysis

▼

Certificate Information

Product	Vencord Installer
Description	Vencord Installer
Copyright	© 2023 Vendicated and Contributors - GPL3.0

✓ This file has been digitally signed and the certificate chain has been verified

The signature ensures file integrity and authenticity from the publisher
Timestamping proves when the signature was applied

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

File Name	VencordInstaller.exe
File Type	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
Scanner Version	1.0.219.174
Database Version	2025-06-26 11:00:25 UTC

The VencordInstaller.exe (Vencord Installer) File Analysis

Technical Analysis

Clean File

Scan Another File

File Identification

PE Analysis

Basic Information

Version Information

PE Sections

Resource Analysis

Certificate Chain Analysis

Certificate Information

Certificate Verification Status

Remember: This is Result of Online Virus Scanner

Keep Your System Protected

Leave a Comment

Gridinsoft Anti-Malware