| Online Virus Checker | v.1.0.189.174 |
| DB Version: | 2024-09-19 09:00:28 |
The "Heur" stands for "heuristic," which means we use a set of rules, algorithms, or behavioral analysis to detect potential threats that may not have a specific, known signature. It's a proactive approach to identifying suspicious behavior or code patterns that could indicate the presence of a Trojan or other malware. The file's behavior or characteristics triggered the heuristic analysis as potentially malicious. However, it doesn't necessarily confirm that the file is indeed a Trojan. It could be a false positive, where a legitimate program exhibits behavior that resembles malicious activity.
| File | Loader.exe |
| Checked | 2024-09-19 06:59:34 |
| MD5 | 8ced63a11a23e48a39fc7ffa37b55497 |
| SHA1 | 0b094fe77e956da89094496593dd5e58546ade5d |
| SHA256 | e38a6ff7c59345cec9555b7f4c0d8b55ceede69a86ef87837f54f9b92896ead5 |
| SHA512 | 6dc4e48fddd7bb659fa010321362ea20b2520ea43b1771d55664261bb9abc333af952dc519eb892a76f7562e615e0a0c8422db122e17d1e82def5be7daeb4228 |
| Imphash | b49c874740c82819732efa0c68cfb692 |
| File Size | 59703840 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Heur!.03212023 without requiring further user intervention.
 |
9401657f5d94e6b99736483c329dd15c 5254b8c1239123599580cc75a52f47c3 9070cca4d6cc7110 |
| Image Base: | 0x140000000 |
| Entry Point: | 0x1458a8058 |
| Compilation: | 2024-06-18 16:55:32 |
| Checksum: | 0x038f1b8d (Actual: 0x038f3b2c) |
| OS Version: | 6.0 |
| PEiD: | PE32+ executable (GUI) x86-64, for MS Windows |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 14 |
| Imports: | kernel32, USER32, GDI32, ADVAPI32, SHELL32, ole32, OLEAUT32, WTSAPI32, UxTheme, dwmapi, IMM32, USERENV, VERSION, NETAPI32, WS2_32, WINMM, MSVCP140, WININET, urlmon, ntdll, Normaliz, WLDAP32, CRYPT32, VCRUNTIME140, VCRUNTIME140_1, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-string-l1-1-0, api-ms-win-crt-heap-l1-1-0, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-filesystem-l1-1-0, api-ms-win-crt-utility-l1-1-0, api-ms-win-crt-time-l1-1-0, api-ms-win-crt-environment-l1-1-0, api-ms-win-crt-convert-l1-1-0, api-ms-win-crt-math-l1-1-0, api-ms-win-crt-locale-l1-1-0, |
| Exports: | 0 |
| Resources: | 8 |
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
|---|---|---|---|---|---|
| 0x00001000 | 0x01ece81e | 0x00e4ae00 | 79c4e13cb4f9a404726d3d52a6f985c0 | 7.87 | |
| 0x01ed0000 | 0x003a8218 | 0x00181a00 | d93339bb971f8c82834e7283d4d1eb98 | 7.98 | |
| 0x02279000 | 0x01446c40 | 0x01389600 | df437f341b25839f7807a2e57a35a6d1 | 7.94 | |
| 0x036c0000 | 0x0004d5a4 | 0x0002d400 | 37756c7d41cc3e46b5cde64342c0849b | 7.72 | |
| 0x0370e000 | 0x00000536 | 0x00000200 | 34f5a13cc2d10df968ea40d9ba6cacc7 | 6.24 | |
| 0x0370f000 | 0x0004ece5 | 0x0004ee00 | 4a6297e519c0e0d2c9155192af38fc01 | 8.00 | |
| 0x0375e000 | 0x0001c048 | 0x00007200 | ef1295666c404f9bc4a0590c5588e637 | 7.94 | |
| 0x0377b000 | 0x0000b49c | 0x00007a00 | 29d62dced4f08c7d4d4441cb41a08715 | 7.74 | |
| .idata | 0x03787000 | 0x00001000 | 0x00000c00 | 9d37356e49a2a5ce4e9e684609365730 | 3.81 |
| .tls | 0x03788000 | 0x00001000 | 0x00000200 | 4f28e4cb4bce2b05fc781af13f864c58 | 0.28 |
| .rsrc | 0x03789000 | 0x0001c200 | 0x0001c200 | c3d22abbd2657817eae5964b5a483020 | 2.94 |
| Windows | 0x037a6000 | 0x02102000 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .boot | 0x058a8000 | 0x014f1e00 | 0x014f1e00 | 48b0c4e73761f4a9110af35d14583cc6 | 7.96 |
| .reloc | 0x06d9a000 | 0x00001000 | 0x00000010 | 0a91a05e8f982d63b22b5c3a997c45af | 2.73 |
