GridinSoft Threat Intelligence
Cloudflare WARP.exe threat report
Why it matters
Why GridinSoft flags this file
GridinSoft identifies the sample as General Threat.
First seen 2023-01-12 23:49:13 (3 years ago); latest analysis 2023-01-12 23:49:13 (3 years ago).
Company metadata: Cloudflare. Product metadata: Cloudflare WARP.
Signed by Cloudflare, Inc.. The signature is reported as valid, but signed files can still be bundled or abused.
Recommended action
What to do next
- Compare the MD5 above with the file found on the device.
- Check whether the file appears in the observed locations or under one of the alternate names.
- Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present.
File context
Cloudflare WARP.exe is a Windows file recorded in the ThreatInfo database. It is associated with Cloudflare WARP. The reported company name is Cloudflare. The current detection status is General Threat, based on the latest analysis from 2023-01-12 23:49:13 (3 years ago).
If Cloudflare WARP.exe appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as General Threat.
File Details
| Product Name: | Cloudflare WARP |
| Company Name: | Cloudflare |
| MD5: | 212d36a330fadd5c3c900dbee27eba13 |
| Size: | 222 MB |
| First Published: | 2023-01-12 23:49:13 (3 years ago) |
| Latest Published: | 2023-01-12 23:49:13 (3 years ago) |
| Status: | General Threat (on last analysis) | |
| Analysis Date: | 2023-01-12 23:49:13 (3 years ago) |
Detection screenshot
The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.
Overview
| Signed By: | Cloudflare, Inc. |
| Status: | Valid |
The signature on Cloudflare WARP.exe is reported as valid. A valid signature helps confirm publisher identity, but it does not automatically make the file safe if the installer was bundled, abused, or downloaded from an untrusted source.
Geographic signal
Observed country distribution
ThreatInfo has seen Cloudflare WARP.exe across 1 countries. Use this signal to compare local evidence with where the sample is most often reported.
The strongest geographic signal for this file is Malaysia with 100.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.
OS Version:
The most common operating system signal for Cloudflare WARP.exe is Windows 10 with 100.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.
Analysis
Cloudflare WARP.exe is identified as pe for 64-bit systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.
PE Sections:
Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.
fcf2733785fd5920b54129b0bd340d7a
66c042b0029b087d224a84943ed3f644
6eb1137a8845269cb70b09bd0bcf72c3
d24d65e5b895e359e7b5587e234b9239
fc39b7b6d3eb590398b91d37c4e25e43
80476f4f41d9acc35ba609cdeaa3cea6
bf619eac0cdf3f68d496ea9344137e8b
01b97fe5618268b684aac15a20776fb3
72aec01954e2aabdd1523a3bbdc9a3d5
86d0a93ffbd46de6f12e60c9ec18d92e
PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.
Report conclusion
GridinSoft detects this file as General Threat
This report identifies Cloudflare WARP.exe by MD5 212d36a330fadd5c3c900dbee27eba13. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.