GridinSoft Threat Intelligence
gview.exe threat report
GridinSoft Anti-Malware detection
Detected by GridinSoft before you download
The current ThreatInfo record shows this exact file hash detected as Trojan.Generic. Download GridinSoft Anti-Malware to scan the device, confirm whether this file is present, and remove the detected object if it is found.
- Detection name
- Trojan.Generic
- Recommended action
- Scan and remove
- Last analysis
- 2024-07-17 23:04:21 (2 years ago)
- File hash
- e2cd79f230985b3195d04553e53dd07b
Why it matters
Why GridinSoft flags this file
GridinSoft identifies the sample as Trojan.Generic, part of the Trojan threat category.
Malware disguised as legitimate software or delivered through deceptive packaging. Related Trojan reports help compare this file with nearby detections, publishers, and hashes.
First seen 2024-07-17 23:04:21 (2 years ago); latest analysis 2024-07-17 23:04:21 (2 years ago).
Company metadata: Invensys Systems, Inc..
ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.
Recommended action
What to do next
- Compare the MD5 above with the file found on the device.
- Check whether the file appears in the observed locations or under one of the alternate names.
- Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present. Review the Trojan category for related samples and common context.
File context
gview.exe is a Windows file recorded in the ThreatInfo database. The reported company name is Invensys Systems, Inc.. The current detection status is Trojan.Generic, based on the latest analysis from 2024-07-17 23:04:21 (2 years ago). ThreatInfo groups this verdict with Trojan reports for broader family-level investigation.
If gview.exe appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as Trojan.Generic.
File Details
| Company Name: | Invensys Systems, Inc. |
| MD5: | e2cd79f230985b3195d04553e53dd07b |
| Size: | 1 MB |
| First Published: | 2024-07-17 23:04:21 (2 years ago) |
| Latest Published: | 2024-07-17 23:04:21 (2 years ago) |
| Status: | Trojan.Generic (on last analysis) | |
| Analysis Date: | 2024-07-17 23:04:21 (2 years ago) |
Detection screenshot
The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.
Common Places:
| %sysdrive%\edison acer 2023\trabajos ieo ipc\0.5 documentos ups\tesis ups\intouch_hello\intouch\intouch 8.0 |
ThreatInfo has observed gview.exe in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.
Geographic signal
Observed country distribution
ThreatInfo has seen gview.exe across 1 countries. Use this signal to compare local evidence with where the sample is most often reported.
The strongest geographic signal for this file is Ecuador with 100.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.
OS Version:
The most common operating system signal for gview.exe is Windows 10 with 100.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.
Analysis
gview.exe is identified as pe for 32-bit systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.
PE Sections:
Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.
bfcd157a5641267a1c16b639d4c69854
7712941ecb6d864138613081e2d81a51
b1b7db403505282139e97903973c6f1b
4d17e85945ce1c0823e8a323d1f755bb
71156a864487f49872454fcf13659874
554b1cc45f1e8c9ba83b5309214dd3e2
6c6cc18221cff2c8ca347682f8460148
32175109d25e8de0c5dcecb6f6189a9c
941672394d7afd17b7b01bd1782cdb21
9db4a9b9863896c08e81ca9fe14f8e7e
ccf692447539fea784484df191195143
f5a6f3c2648fb79c1e956234f0c40ac5
8ee97612c5f3eecfa663aff461cd14b9
8a2dec92a51c38c1c1a8bacb6e078164
bcbb220fda87b06b394f7949469a773f
59889a8647baee1dc9f26c0e3e1016a1
d65f0c794f1ae41931fbc1f198bdc88b
557a45c2e6af6b88b3df18a49b049959
4dc9025100d5d99237be12ab5660539d
981d16c2fd445fc0f04e3fa65dd6a0ae
e43f512d7012ddc1ab2343a114cada38
81139430e9ac66b68187258c9f896dd3
7c96a20ad9101a2160c5298ee2191e83
4578f28998e1e50906ab067aa85281b9
dcbdce6cc3278516b8c4bf65e06b8072
740fc2582daa145189c5ef19e393e36b
8e0401bb3b45afed190dd5733580a57a
8366f42452db1bd5bffa910c75d6304f
fc7606e34797db55e5ae67832900e7c9
f7a740d139d1c9bb90326533230c7aa9
e790f2a673b68dbeaf4b4b5568d11dc4
9b19ab66756eff5cf9fdab9b756ee75e
6ff6f48cc7ca03e3d1433daf6d116778
b57052ba18f93fb33e782b23fe2f67a0
a9d6e375d7f23aea5f8951f97e041bd9
7c2ffef92f2bb5ac792f512caf822a79
2060f5beb268b9ba093f1820003e4bef
71ca222939d686a8168034a7e6b414d0
d33e0634f1e6bc5c5636231d69fae9df
165aca06ace1f838b824f79e51a2b61c
018d4db6f5c2cbc35f47650686f5ad29
c69947d2c1906e9e8110a0c51fb701c0
3e6f2342af4d3062406dc0cabacc1dd3
c0153644013eb7bc6f2ab7bf8df3b666
b3c29b02a3b224faed9d4a8a2fb6b0e0
4eb57380b18aea1bf230966436d77f50
0db4c678656f44a0df6b2cd08e53a108
a9077b109ed99003d0107df3ce3dbf07
d5d6ce8da1105d471a721b0943c6799e
3fd4ff44334413dd71e90bfeb1c5febd
e3e5579703428a8054812ebbc1f5a69f
bc975204cb3f94ab60441aef28282bed
6ca70e153b32b879c182e7afb204614e
d9fd92c2a57023b386cd80f8f0479fcf
ef483fa9444eea7914179f2c00d1b6f2
2782a0ac5da1164731bed73d632fff86
108081faa183a456d6d4bfe3577f9e4e
c83fe97704e9153d6deab6e3565e6f56
d5f1e3b262456ea1cc8cb0d3c725544d
620f0b67a91f7f74151bc5be745b7110
9a3330909cde0f5d996407f1e518ef76
32c7b2daeeee128fdb2551f400cc9376
PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.
Report conclusion
GridinSoft detects this file as Trojan.Generic
This report identifies gview.exe by MD5 e2cd79f230985b3195d04553e53dd07b. It is part of the Trojan report group. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.