Gridinsoft Logo

The gdiplus.dll (Microsoft GDI+) File Analysis

Updated 3 months ago
Checked by Malaware Check
gdiplus.dll

Technical Analysis

File Name gdiplus.dll
File Type
PE32 executable (DLL) (console) Intel 80386, for MS Windows
Scanner Version 1.0.210.174
Database Version 2025-03-08 20:00:40 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
1,706,800
File Size (bytes)
2025-03-08
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
3317698f2090dd811f0aa93190e13c82
SHA1
c38988e544df349bcfe4b51cb383ab206e2fc06b
SHA256
830915b87cbc95217f58b8b499f73b618607c0164e0aa1217722eae18c1fb321
SHA512
12e6ebfba3a9639ebc83056f20c8d4307104d7198736e52236e94fd10edbb4bd9de9d29bbff630279c3a770c3f0c158497ac8e32798505709c50bf3c7df8b2ae
ImpHash
7941976a82dd7ff8b1a2ea069878fab3

PE Analysis

Basic Information

Image Base 0x70d00000
Entry Point 0x70d01fdf
Compilation Time 2001-08-18 05:33:41
Checksum 0x001a18da (Actual: 0x001a18da)
OS Version 5.1
PEiD Signatures PE32 executable (DLL) (console) Intel 80386, for MS Windows
PDB Path MicrosoftWindowsGdiPlus-1000-gdiplus.pdb
Digital Signature OK
Imports 5 libraries
KERNEL32, USER32, GDI32, ole32, ADVAPI32
Exports 609 functions
Resources 3 Resources
Sections 5 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription Microsoft GDI+
FileVersion 5.1.3097.0 (xpclient.010817-1148)
InternalName gdiplus
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename gdiplus
ProductName Microsoft® Windows® Operating System
ProductVersion 5.1.3097.0
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 1,540,944 bytes 1,544,192 bytes 6.82 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ A73E931A4876297F669D7DDB6248A03F
.data 0x0017a000 41,564 bytes 40,960 bytes 4.50 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 1005C00870AAF7ACC1F45C5D64555A15
Shared 0x00185000 3,528 bytes 4,096 bytes 2.44 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 3237F20954680D5B09E277883A0EC64E
.rsrc 0x00186000 72,120 bytes 73,728 bytes 6.59 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 152A8E3A3F692A5EA60DCF9401326F43
.reloc 0x00198000 29,564 bytes 32,768 bytes 6.32 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ E0612DC4A634538ACC4F8E6D9218CE3E
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 3 (71,850 bytes)
Resource Type Count Total Size Percentage
SIAMDB 2 70,982 bytes
98.8%
RT_VERSION 1 868 bytes
1.2%

Certificate Chain Analysis

Certificate Information
Product Microsoft® Windows® Operating System
Description Microsoft GDI+
File Version 5.1.3097.0 (xpclient.010817-1148)
Original Name gdiplus
Signing Date 11:25 PM 08/23/2001 (8688 days ago)
Verification Status Signed
Signers Microsoft Corporation; Microsoft Code Signing PCA; Microsoft Root Authority
Counter Signers VeriSign Time Stamping Service; VeriSign Time Stamping CA
Internal Name gdiplus
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
Certificate #1 Primary
Validity Period: 1997-05-12 00:00:00 → 2004-01-07 23:59:59
Signature Algorithm: md5RSA
Serial Number: 4A 19 D2 38 8C 82 59 1C A5 5D 73 5F 15 5D DC A3
VeriSign Time Stamping Service #2 Chain
Validity Period: 2001-02-28 00:00:00 → 2004-01-06 23:59:59
Signature Algorithm: md5RSA
Serial Number: 08 7A 6D 5C 6F 62 93 4F BA C4 FD 43 E1 14 18 9D
Microsoft Root Authority #3 Chain
Validity Period: 1997-01-10 07:00:00 → 2020-12-31 07:00:00
Signature Algorithm: md5RSA
Serial Number: C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Microsoft Corporation #4 Chain
Validity Period: 2001-03-29 21:27:26 → 2002-05-29 21:37:26
Signature Algorithm: sha1RSA
Serial Number: 61 06 2A 8D 00 00 00 00 00 0B
Microsoft Code Signing PCA #5 Chain
Validity Period: 2000-12-10 08:00:00 → 2005-11-12 08:00:00
Signature Algorithm: md5RSA
Serial Number: 6A 0B 99 4F C0 00 DE AA 11 D4 D8 40 9A A8 BE E6

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware