
Efe015ab3269359ca9ed2159a673e48255ce64b2367cb149a5702e3d0b08b831.exe Malware Gen Analysis

Technical Analysis

File Name efe015ab3269359ca9ed2159a673e48255ce64b2367cb149a5702e3d0b08b831.exe
File Type PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.141.174
Database Version 2023-10-05 09:06:41 UTC

Malware.Win64.Gen.cc

Malware family: Gen

This is a generic detection identifier for files exhibiting Trojan horse characteristics. It indicates malware that disguises itself as legitimate software while containing malicious code designed to compromise system security or steal information.
Detection Rate N/A
File Size (bytes) 731,224
Analysis Date 2023-10-05


File Identification

Hash Type Value
MD5 0f33c9af251b7e586a593f00b69217f0
SHA1 ddb8b08e490a6544df9cc95895db01e9afdb2ca1
SHA256 efe015ab3269359ca9ed2159a673e48255ce64b2367cb149a5702e3d0b08b831
SHA512 2e08fca759bc47d729ea6c02fb1105adb5d1fa399945c7c4bdb04108b799f92a03557050af8db7d4c91f299667a10e0179e78105c175d2d7148d25c13b9457ec
ImpHash 72b6c52c0d5dbc2ee054d5cae5c0510a

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x140077494
Compilation Time 2023-09-05 04:41:42
Checksum 0x000b4f2f (Actual: 0x000b4f2f)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path E:\Workspace\Noping\service.notification.center\x64\Release\service.notification.center.pdb
Digital Signature SignerInfo.digestEncryptionAlgorithm: 1.2.840.10045.2.1 is not acceptable as encryption algorithm
Imports 19 libraries
Exports 18 functions
Resources 1 Resources
Sections 6 Sections

Digital Signatures

DigiCert Assured ID Root CA DigiCert Inc (US)
SSL.com EV Code Signing Intermediate CA RSA R3 1NCRÍVEL SISTEMAS LTDA (BR)
SSL.com EV Root Certification Authority RSA R2 SSL Corporation (US)
DigiCert Trusted Root G4 DigiCert, Inc. (US)
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA DigiCert, Inc. (US)
SSL.com EV Root Certification Authority RSA R2 SSL Corp (US)

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 517,668 bytes 518,144 bytes 5.84 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ CDD350770DC062EF445CAAD1BF5E21E5
.rdata 0x00080000 151,824 bytes 152,064 bytes 4.75 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A9891F21BC8E2EA07E3A65BF20C25256
.data 0x000a6000 17,224 bytes 9,216 bytes 4.67 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4D9E4C113C6416BAB3C230F02570D95C
.pdata 0x000ab000 37,584 bytes 37,888 bytes 5.67 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F77B1187BD0DC17837BEC5CAD392BE39
.rsrc 0x000b5000 488 bytes 512 bytes 4.77 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A61C45A2512F4503A6043FA04C0AD54E
.reloc 0x000b6000 1,400 bytes 1,536 bytes 5.14 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 89AD07C96C29D1C7A68C6550DE365914

Resource Analysis

Total Resources: 1 (392 bytes)
Resource Type Count Total Size Percentage
RT_MANIFEST 1 392 bytes 100%

Certificate Chain Analysis

Certificate #1
Subject DigiCert Trusted Root G4
DigiCert Inc
US
Issuer DigiCert Assured ID Root CA
Serial Number 19414496059604725969669510860671817818
Certificate #2
Subject 1NCRÍVEL SISTEMAS LTDA
1NCRÍVEL SISTEMAS LTDA
BR
Issuer SSL.com EV Code Signing Intermediate CA RSA R3
Serial Number 111450557511039747977626468400718889923
Certificate #3
Subject SSL.com EV Root Certification Authority RSA R2
SSL Corporation
US
Issuer SSL.com EV Root Certification Authority RSA R2
Serial Number 6248227494352943350
Certificate #4
Subject DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
DigiCert, Inc.
US
Issuer DigiCert Trusted Root G4
Serial Number 9586110043380832440035821245782711899
Certificate #5
Subject DigiCert Timestamp 2023
DigiCert, Inc.
US
Issuer DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
Serial Number 7002784885422699301467740558332354838
Certificate #6
Subject SSL.com EV Code Signing Intermediate CA RSA R3
SSL Corp
US
Issuer SSL.com EV Root Certification Authority RSA R2
Serial Number 88120626561545005758442085613766983940
Certificate Verification Status

SignerInfo.digestEncryptionAlgorithm: 1.2.840.10045.2.1 is not acceptable as encryption algorithm

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Malware.Win64.Gen.cc Removal

Gridinsoft has the capability to identify and eliminate Malware.Win64.Gen.cc without requiring further user intervention.


Removal Instructions

Follow these steps to completely remove the threat from your system:

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.
