Gridinsoft Logo
File Icon

The Weidows.exe (xxdz) File Analysis

Updated 1 month ago
Checked by Malware Check
Weidows.exe

Technical Analysis

File Name Weidows.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
Scanner Version 1.0.229.174
Database Version 2025-11-22 14:00:25 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
29,111,593
File Size (bytes)
2025-11-22
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
a28690b7c4ac39c06e30d5315b569ce8
SHA1
12eb697ac6f2640667908d675cee7953e036f983
SHA256
80991308af6dbc538be9d3311cc957ddc9ea99dc4b4b0d599bfac8e4110e33e8
SHA512
11b1a59d823fdbd5ea9dc00ef260c8ac647259ef29b05e9589d68f4cb8b71ce548b60eacde8686b0ceb65b12eec44f6493e0de98bcdee01a497ca63fa4e17fa2
ImpHash
ac35f654c0b4fc1849014c60222d1fc6

PE Analysis

Basic Information

Icon
Hash: 15d9d62e39b7a16b4610ba534fb7be7d
Fuzzy: c0f01605f8323d41f2c6d3879ca513a5
dHash: c09838fa9ca0c038
Image Base 0x00400000
Entry Point 0x0058f310
Compilation Time 2005-11-07 13:10:28
Checksum 0x00000000 (Actual: 0x01bce3f1)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
Digital Signature No valid SignedData structure was found.
Imports 15 libraries
Exports 0 functions
Resources 82 Resources
Sections 3 Sections

Version Information

Comments Created with Multimedia Builder version 4.9.7.8
CompanyName xxdz
FileDescription xxdz
FileVersion 1.6.6.6
InternalName xxdz-bingdu-weixin
LegalCopyright bilibili-xiaoxiaodianzi xxdz
LegalTrademarks xxdz
OriginalFilename Weidows666.exe
PrivateBuild 1.6.6.6
ProductName xxdz-bingdu-weixin
ProductVersion 1.6.6.6
SpecialBuild 1.6.6.6
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
UPX0 0x00001000 1,122,304 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
UPX1 0x00113000 512,000 bytes 509,440 bytes 7.93 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE A0A883CAE5709B39E294BF202C2EFCF7
.rsrc 0x00190000 28,672 bytes 28,672 bytes 3.52 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 91103A44A99196C42C3C40419814366B
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 82 (47,481 bytes)
Resource Type Count Total Size Percentage
RT_CURSOR 22 6,660 bytes
14%
RT_BITMAP 5 2,612 bytes
5.5%
RT_ICON 4 21,280 bytes
44.8%
RT_MENU 1 148 bytes
0.3%
RT_DIALOG 9 2,678 bytes
5.6%
RT_STRING 14 11,478 bytes
24.2%
RT_GROUP_CURSOR 21 434 bytes
0.9%
RT_GROUP_ICON 3 74 bytes
0.2%
RT_VERSION 1 1,388 bytes
2.9%
RT_MANIFEST 1 654 bytes
1.4%
None 1 75 bytes
0.2%

Certificate Chain Analysis

Certificate Information
Product xxdz-bingdu-weixin
Description xxdz
File Version 1.6.6.6
Original Name Weidows666.exe
Internal Name xxdz-bingdu-weixin
Copyright bilibili-xiaoxiaodianzi xxdz

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware