Gridinsoft Logo
File Icon

The AdwCleaner.exe (AdwCleaner) File Analysis

Updated 1 year ago
Checked by Malware Check
AdwCleaner.exe

Technical Analysis

File Name AdwCleaner.exe
File Type
PE32 executable (console) Intel 80386, for MS Windows, UPX compressed
Scanner Version 1.0.170.174
Database Version 2024-03-23 22:00:23 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
8,791,352
File Size (bytes)
2024-03-23
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
31eba5c542887dee4507780b2350eb82
SHA1
5da1addcef89747573e18d4cb361ed7d384cc3cb
SHA256
1f544da66675521a649e632108f86afb351ad336bd34b7b5c3d290827ebeef54
SHA512
19c08be4f321eabe5cb30c33f71a7f1dc5c27c4fa7d7bd4cb4cb7cf23cf73aa8c8b4b1e9ec0fb9fc2d0e538768c9f95c540aa7928705f6d6a44180ac537cefcc
ImpHash
2f7dc2efdae50d3a11477df7f7104560

PE Analysis

Basic Information

Icon
Hash: 3d4e8cce45e130542c29fd593453d391
Fuzzy: e3a5e9f0998cd847ce83305df1bacd1a
dHash: 715258e97261ad09
Image Base 0x00400000
Entry Point 0x01a04150
Compilation Time 2022-08-30 16:45:44
Checksum 0x008681b9 (Actual: 0x008681b9)
OS Version 6.0
PEiD Signatures PE32 executable (console) Intel 80386, for MS Windows, UPX compressed
Digital Signature OK
Imports 2 libraries
KERNEL32, ntdll
Exports 0 functions
Resources 11 Resources
Sections 3 Sections

Version Information

CompanyName Malwarebytes
FileDescription AdwCleaner
FileVersion 8.4.0.0
InternalName AdwCleaner
LegalCopyright Copyright 2022 Malwarebytes
LegalTrademarks1 All Rights Reserved
LegalTrademarks2 All Rights Reserved
OriginalFilename AdwCleaner.exe
ProductName AdwCleaner
ProductVersion 8.4
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
UPX0 0x00001000 14,598,144 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
UPX1 0x00ded000 8,486,912 bytes 8,486,400 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 38E991E0EEA0AB8B42C08285407ECF1D
.rsrc 0x01605000 126,976 bytes 125,440 bytes 5.12 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE B613A0BE7CF031C312B2285A62B7CD73
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 11 (1,282,158 bytes)
Resource Type Count Total Size Percentage
BINARY 2 1,157,812 bytes
90.3%
RT_ICON 6 121,647 bytes
9.5%
RT_GROUP_ICON 1 90 bytes
0%
RT_VERSION 1 872 bytes
0.1%
RT_MANIFEST 1 1,737 bytes
0.1%

Certificate Chain Analysis

Certificate Information
Product AdwCleaner
Description AdwCleaner
File Version 8.4.0.0
Original Name AdwCleaner.exe
Signing Date 04:50 PM 08/30/2022 (1068 days ago)
Verification Status Signed
Signers Malwarebytes Inc.; Sectigo RSA Code Signing CA 2; USERTrust RSA Certification Authority; Sectigo (AAA)
Counter Signers Microsoft Public RSA Time Stamping Authority; Microsoft Public RSA Timestamping CA 2020; Microsoft Identity Verification Root Certificate Authority 2020
Internal Name AdwCleaner
Copyright Copyright 2022 Malwarebytes
Certificate Chain Summary
USERTrust RSA Certification Authority #1 Primary
Validity Period: 2019-03-12 00:00:00 → 2028-12-31 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 39 72 44 3A F9 22 B7 51 D7 D3 6C 10 DD 31 35 95
Malwarebytes Inc. #2 Chain
Validity Period: 2022-03-23 00:00:00 → 2025-03-16 23:59:59
Signature Algorithm: sha256RSA
Serial Number: A6 57 F7 78 B3 1A E5 23 D6 67 13 17 18 D1 6E B2
Sectigo RSA Code Signing CA 2 #3 Chain
Validity Period: 2021-05-25 00:00:00 → 2036-05-24 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 9E 02 B0 E9 4A CE B2 10 9C A1 E9 83 6B E0 C2 DB
Microsoft Public RSA Timestamping CA 2020 #4 Chain
Validity Period: 2020-11-19 20:32:31 → 2035-11-19 20:42:31
Signature Algorithm: sha384RSA
Serial Number: 33 00 00 00 05 E5 CF 0F FF 66 2E C9 87 00 00 00 00 00 05
Microsoft Public RSA Time Stamping Authority #5 Chain
Validity Period: 2022-07-07 18:37:20 → 2023-07-07 18:37:20
Signature Algorithm: sha384RSA
Serial Number: 33 00 00 00 1D AE C9 44 A1 CE 22 00 AB 00 00 00 00 00 1D
Microsoft Identity Verification Root Certificate Authority 2020 #6 Chain
Validity Period: 2020-04-16 18:36:16 → 2045-04-16 18:44:40
Signature Algorithm: sha384RSA
Serial Number: 54 98 D2 D1 D4 5B 19 95 48 13 79 C8 11 C0 87 99
Malwarebytes Inc #7 Chain
Validity Period: 2022-08-30 15:03:00 → 2022-09-02 15:03:00
Signature Algorithm: sha384RSA
Serial Number: 33 00 00 2A 30 33 00 D6 81 B8 F7 82 54 00 00 00 00 2A 30
Microsoft ID Verified CS AOC CA 01 #8 Chain
Validity Period: 2021-04-13 17:31:54 → 2026-04-13 17:31:54
Signature Algorithm: sha384RSA
Serial Number: 33 00 00 00 07 37 8C 5B A1 D9 5B 8C D4 00 00 00 00 00 07
Microsoft ID Verified Code Signing PCA 2021 #9 Chain
Validity Period: 2021-04-01 20:05:20 → 2036-04-01 20:15:20
Signature Algorithm: sha384RSA
Serial Number: 33 00 00 00 07 87 A3 34 A3 7B A5 8E 1C 00 00 00 00 00 07
Microsoft Public RSA Time Stamping Authority #10 Chain
Validity Period: 2022-07-07 18:37:22 → 2023-07-07 18:37:22
Signature Algorithm: sha384RSA
Serial Number: 33 00 00 00 1E 13 57 DA 40 37 CD FC 82 00 00 00 00 00 1E

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware