Gridinsoft Logo
File Icon

The Microstub.exe (AVG Installer) File Analysis

Updated 2 days ago
Checked by Malaware Check
Microstub.exe

Technical Analysis

File Name Microstub.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.218.174
Database Version 2025-06-11 11:00:15 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
253,768
File Size (bytes)
2025-06-11
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
f7cc4e6ad217b833a17c8f68426dce4e
SHA1
7cac6d6d62bce78e9e2b45c465c484869ca88407
SHA256
1475da2ac9b008c6634d5f221a0a8367c3b3398e61bccfd243d2816d5b790ae0
SHA512
fbdb40b722e85d1f6d9f85c5cdb2f31c9e42883d5ec9afb12dbf54943fc1b45a6d238e7566b5153678898dae6c24568f080b274d49e36153acfa891702100f31
ImpHash
d692b06eb88ecd849f7778fde1ba5c2b

PE Analysis

Basic Information

Icon
Hash: 6fd9826266e9428af2d651a9236d0a29
Fuzzy: c0ecce3cd217e42d3da02bdf2bf16d53
dHash: fc8e9e189e1e18b0
Image Base 0x00400000
Entry Point 0x00401020
Compilation Time 2024-09-20 07:50:42
Checksum 0x0003e309 (Actual: 0x0003e309)
OS Version 5.1
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path C:\BUILD\work\8b0ebd312dc47f30\projects\avast\microstub\x86\Release\microstub.pdb
Digital Signature OK
Imports 7 libraries
KERNEL32, USER32, GDI32, ADVAPI32, ole32, COMCTL32, SHLWAPI
Exports 0 functions
Resources 38 Resources
Sections 6 Sections

Version Information

CompanyName Gen Digital Inc.
Edition 15
FileDescription AVG Installer
FileVersion 2.1.133.0
InternalName microstub
LegalCopyright Copyright © 2024 Gen Digital Inc. All rights reserved.
OriginalFilename microstub.exe
ProductName AVG
ProductVersion 2.1.133.0
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 141,962 bytes 142,336 bytes 6.54 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 048B5F9952EC115D158C2659FD5FEA1B
.rdata 0x00024000 41,932 bytes 41,984 bytes 5.41 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ FF24BF7B2B960E86BC47962F5886B7BA
.data 0x0002f000 5,688 bytes 2,560 bytes 2.93 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 07BED435CA46C538C610ABB7A6EC5B6F
.didat 0x00031000 80 bytes 512 bytes 0.72 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 310153CCEEDC67B7821FD53A89F7509F
.rsrc 0x00032000 46,448 bytes 46,592 bytes 6.85 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4547CAE582BBCCB4898C7D63EBD58F6D
.reloc 0x0003e000 7,652 bytes 7,680 bytes 6.67 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 7EB59722D86F149DB69ED64DC18C1A0A
Entropy Analysis Alert

3 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 38 (44,815 bytes)
Resource Type Count Total Size Percentage
PNG 1 2,333 bytes
5.2%
RT_ICON 4 24,961 bytes
55.7%
RT_STRING 30 15,576 bytes
34.8%
RT_GROUP_ICON 1 62 bytes
0.1%
RT_VERSION 1 804 bytes
1.8%
RT_MANIFEST 1 1,079 bytes
2.4%

Certificate Chain Analysis

Certificate Information
Product AVG
Description AVG Installer
File Version 2.1.133.0
Original Name microstub.exe
Signing Date 07:57 AM 09/20/2024 (267 days ago)
Verification Status Signed
Signers AVG Technologies USA, LLC; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4
Counter Signers Sectigo Public Time Stamping Signer R35; Sectigo Public Time Stamping CA R36; Sectigo Public Time Stamping Root R46
Internal Name microstub
Copyright Copyright © 2024 Gen Digital Inc. All rights reserved.
Certificate Chain Summary
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #1 Primary
Validity Period: 2021-04-29 00:00:00 → 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9
AVG Technologies USA, LLC #2 Chain
Validity Period: 2022-09-16 00:00:00 → 2025-09-17 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 04 35 60 3F 7A 88 8A E1 6C 05 B0 0F 15 3C C6 FC
Sectigo Public Time Stamping Signer R35 #3 Chain
Validity Period: 2024-01-15 00:00:00 → 2035-04-14 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 3A 52 6A 2C 84 CE 55 E6 1D 65 FC CC 12 D8 E9 89
Sectigo Public Time Stamping CA R36 #4 Chain
Validity Period: 2021-03-22 00:00:00 → 2036-03-21 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 7A 23 AE DA 53 69 96 0F 91 C8 3E 5C F4 C7 E3 3F
Sectigo Public Time Stamping Root R46 #5 Chain
Validity Period: 2021-03-22 00:00:00 → 2038-01-18 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 36 C2 B0 BD 7C 1B 3A E7 A3 B3 DD 36 CB C9 75 68

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware