CRM.ovl Trojan Heuristic Analysis

Technical Analysis

File Name cRM.ovl
File Type PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.225.174
Database Version 2025-09-25 11:00:31 UTC

Trojan.Heur!.00046021

Malware family: Heuristic

Heuristic detection uses behavioral analysis and pattern recognition to identify potential threats without specific signatures. This proactive approach detects suspicious code behavior that may indicate malware presence. Detection may occasionally produce false positives when legitimate software exhibits similar behavioral patterns.
Detection Rate N/A
File Size (bytes) 24,824,936
Analysis Date 2025-09-25

File Identification

Hash Type Value
MD5
bec588dee1cbb88de4825770016e8303
SHA1
c6baeb8714b49579f3954755352be3040717c8b2
SHA256
fcb001fc573ff4a3fd3b40bd25178bb8cda5f410dbcc2eff1fadfd23d9ce4bb9
SHA512
10ce7ba301b287ee15e25103fb70b64c590f88b3f0b862694ce676403a6e4b229c63a1469d2dc1f6b8f7ebea58fb53841daf549116ca0eeff86d022b4b44cb19
ImpHash
b0469ae0c45d0b752034c6140b0f8455

PE Analysis

Basic Information

Icon
Hash: a91d4d0fc55b34fe8193e428073acb98
Fuzzy: fc9359ce3d115f76e0b2d47734560289
dHash: 343ded2c2d646c64
Image Base 0x00400000
Entry Point 0x00f0b12f
Compilation Time 2025-09-16 10:39:26
Checksum 0x017b2d63 (Actual: 0x017b9706)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path C:\BuildAgent\work\RelationshipManager_13_CrmCore\cRM.Application\bin\combit.cRM.RichClient\Release\cRM.pdb
Digital Signature OK
Imports 30 libraries
Exports 105 functions
Resources 1642 Resources
Sections 8 Sections

Version Information

CompanyName combit GmbH
FileDescription combit CRM
FileVersion 13.2
InternalName cRM
LegalCopyright Copyright (C) combit GmbH
OriginalFilename cRM.exe
ProductName combit CRM ®
ProductVersion 13.2
Translation 0x0407 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 16,842,996 bytes 16,843,264 bytes 6.45 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 88A74A4A268FF2A92B53C66EB3651E84
.rdata 0x01012000 3,089,164 bytes 3,089,408 bytes 5.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ CBA232608DE737012A5470406B82AA0D
.data 0x01305000 577,452 bytes 534,528 bytes 4.95 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 6D73F080787152032B69E6F60EAD98E2
.detourc 0x01392000 4,544 bytes 4,608 bytes 4.08 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ CC5A00E91D21A9CC3F25A6CF8E2C96CD
.detourd 0x01394000 12 bytes 512 bytes 0.07 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 15D7BD12D01A5E1CC9BCFDA0DF81F640
.fptable 0x01395000 128 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x01396000 3,397,964 bytes 3,398,144 bytes 6.25 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 261036C778DBDD8644A369F847D48F29
.reloc 0x016d4000 942,456 bytes 942,592 bytes 6.52 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 877892D1EFA2F66881B04CB27B52BC15

Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 1642 (3,279,950 bytes)
Resource Type Count Total Size Percentage
AFX_DIALOG_LAYOUT 68 280 bytes 0%
AVI 2 12,800 bytes 0.4%
JS 5 54,721 bytes 1.7%
PNG 431 1,031,205 bytes 31.4%
RT_SVG 37 8,426 bytes 0.3%
RT_XAML 111 91,271 bytes 2.8%
STYLE 2 86,457 bytes 2.6%
TEXTFILE 3 71,942 bytes 2.2%
TYPELIB 1 79,904 bytes 2.4%
RT_CURSOR 43 16,108 bytes 0.5%
RT_BITMAP 97 570,070 bytes 17.4%
RT_ICON 122 454,640 bytes 13.9%
RT_MENU 66 50,054 bytes 1.5%
RT_DIALOG 194 213,168 bytes 6.5%
RT_STRING 323 519,968 bytes 15.9%
RT_ACCELERATOR 6 744 bytes 0%
RT_GROUP_CURSOR 39 836 bytes 0%
RT_GROUP_ICON 57 2,050 bytes 0.1%
RT_VERSION 1 676 bytes 0%
RT_MANIFEST 2 4,607 bytes 0.1%
None 32 10,023 bytes 0.3%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

OK

Trojan.Heur!.00046021 Removal

Gridinsoft has the capability to identify and eliminate Trojan.Heur!.00046021 without requiring further user intervention.

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.

Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.
