The leaksgg exe File Malware Analysis

The leaksgg.exe File Analysis

Technical Analysis

File Name leaksgg.exe
File Type Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64, for MS Windows
SSDEEP Hash 49152:Yh4y3VLuxuMvAKrTZrNyAk2dEzkhT8pOnGP:YhjVqxdAGTZ10tFP
Scanner Version 1.0.229.174
Database Version 2025-11-27 21:00:33 UTC

Suspicious File Detected

Detected by 34 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
Detection Rate 49%
File Size (bytes) 2,518,528
Engines Detected 34/69
Analysis Date 2025-11-27


File Identification

Hash Type Value
MD5 55bee7dd84fc5a52c3b2b55f3a044c1b
SHA1 35607ce892dc2d46d696ae921f0546f3cc157a72
SHA256 e4e21acc0feed0e2208f161c56176e363878c1fa5272eae8a8f5d4cd5e9f791c
SHA512 aa6190abb05217db91a4ca8456416b74fefd29ae73d9b63264ab6aa46aa97a6ff0fea87dc9570197a8a82947756a9ffb66fd80a415cca13cdec3b4c5f815a62e
ImpHash e3a1e421cc067a745d5b93b39a7e1e12

Security Engines with Detections (34 of 69)

Engine Detection Verdict
Bkav W64.AIDetectMalware Malicious
Lionic Trojan.Win32.Generic.4!c Malicious
Elastic malicious (high confidence) Malicious
CTX exe.trojan.sabsik Malicious
CAT-QuickHeal Trojan.Ghanarava.1748122817044c1b Malicious
Skyhigh BehavesLike.Win64.HToolPassView.vc Malicious
ALYac Gen:Variant.Tedy.771060 Malicious
Cylance Unsafe Malicious
CrowdStrike win/malicious_confidence_90% (W) Malicious
Arcabit Trojan.Tedy.DBC3F4 Malicious
Symantec ML.Attribute.HighConfidence Malicious
TrendMicro-HouseCall TROJ_GEN.R023H09EB25 Malicious
Paloalto generic.ml Malicious
BitDefender Gen:Variant.Tedy.771060 Malicious
MicroWorld-eScan Gen:Variant.Tedy.771060 Malicious
Avast FileRepMalware [Misc] Malicious
Emsisoft Gen:Variant.Tedy.771060 (B) Malicious
VIPRE Gen:Variant.Tedy.771060 Malicious
McAfeeD ti!E4E21ACC0FEE Malicious
SentinelOne Static AI - Suspicious PE Malicious
Sophos Mal/Generic-S Malicious
Ikarus Trojan.Win64.Krypt Malicious
Google Detected Malicious
Antiy-AVL Trojan/Win32.Sabsik Malicious
Microsoft Trojan:Win32/Wacatac.B!ml Malicious
GData Gen:Variant.Tedy.771060 Malicious
Varist W64/ABTrojan.YIVL-4845 Malicious
APEX Malicious Malicious
Rising [email protected] (RDML:xz7Zn01ZT3DLs5EVMfHclg) Malicious
TrellixENS Artemis!55BEE7DD84FC Malicious
Fortinet W32/PossibleThreat Malicious
AVG FileRepMalware [Misc] Malicious
DeepInstinct MALICIOUS Malicious
alibabacloud Trojan:Win/Wacatac.B9nj Malicious
35 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x14003c3dc
Compilation Time 2025-04-23 19:33:20
Checksum 0x00000000 (Actual: 0x0026db88)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path C:\Users\1\Desktop\leaksgg\Output\x64\Release\leaksgg.pdb
Digital Signature No valid SignedData structure was found.
Imports 17 libraries
Exports 0 functions
Resources 1 Resources
Sections 6 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 246,995 bytes 247,296 bytes 6.52 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7AB215B681CF88D6CE27812A0D12E1AB
.rdata 0x0003e000 2,071,080 bytes 2,071,552 bytes 6.99 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D410FE7798720E0AFC9B33B56897E2E9
.data 0x00238000 188,728 bytes 186,880 bytes 7.45 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE E3560C89199B09F4F0BE1956944E69FD
.pdata 0x00267000 10,164 bytes 10,240 bytes 5.64 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 211DD8595726EC260B785C8621FA8243
.rsrc 0x0026a000 480 bytes 512 bytes 4.72 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3CFB54E67F4CCB84318AD5EA8BAC53D7
.reloc 0x0026b000 576 bytes 1,024 bytes 3.51 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 478F40DB2DF31E7475ECE330EAE108E4
Entropy Analysis Alert

3 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 1 (381 bytes)
Resource Type Count Total Size Percentage
RT_MANIFEST 1 381 bytes 100%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.


Keep Your System Protected

This file was flagged as suspicious, and regular security maintenance remains important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
34 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.
