Gridinsoft Logo
File Icon

The wintrust.dll (Microsoft Trust Verification APIs) File Analysis

Updated 3 months ago
Checked by Malware Check
wintrust.dll

Technical Analysis

File Name wintrust.dll
File Type
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Scanner Version 1.0.225.174
Database Version 2025-09-21 01:00:21 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
382,712
File Size (bytes)
2025-09-21
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
b7a38368a52ff07d875e6465bd7ee26a
SHA1
99d5ea14e5ef16fc997e09f681eaad39bc5c6f61
SHA256
8c6c791e8db8728f9a610def238c61be054bfa3de487bf6ab037130a61a3ef19
SHA512
5a3b474f6b8731067f3a149fde53f9216cb8fb81ef5bb0aa4a622c7ceb7c4b8b65fdb91167d2a179b8c4e52a3761a42f5d06ddca2d935704d33db6f0ad7b3275
ImpHash
535395085773d709ddd7a1de7e97336e

PE Analysis

Basic Information

Icon
Hash: def0ffb52e91fe4435c11192245069f1
Fuzzy: 562af4a460fff613b0973ccd3228deaf
dHash: 01cec692b694c002
Image Base 0x180000000
Entry Point 0x1800110c0
Compilation Time 2001-06-20 23:26:45
Checksum 0x00064bf7 (Actual: 0x0006459f)
OS Version 10.0
PEiD Signatures PE32+ executable (DLL) (GUI) x86-64, for MS Windows
PDB Path wintrust.pdb
Digital Signature The expected hash does not match the digest in SpcInfo
Imports 34 libraries
Exports 159 functions
Resources 5 Resources
Sections 7 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription Microsoft Trust Verification APIs
FileVersion 10.0.19041.630 (WinBuild.160101.0800)
InternalName WINTRUST.DLL
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename WINTRUST.DLL
ProductName Microsoft® Windows® Operating System
ProductVersion 10.0.19041.630
OleSelfRegister
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 267,667 bytes 267,776 bytes 6.24 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ A052C6876AA08D6FB52C5EC4A8F166AF
.rdata 0x00043000 75,802 bytes 76,288 bytes 5.08 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F1ACC33D3E3FA35EDE07F597BE8EAE87
.data 0x00056000 4,713 bytes 1,024 bytes 3.71 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 24FAD150779231C73B90301E1DE8F230
.pdata 0x00058000 13,092 bytes 13,312 bytes 5.58 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 9CDDA6BD8F25DAF8A375B0BCF567D790
.didat 0x0005c000 1,512 bytes 1,536 bytes 3.33 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE B3533DF7A21542D66B001638CC6595B4
.rsrc 0x0005d000 7,792 bytes 8,192 bytes 5.28 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 0B0B854D1DD82492F1897DA2BB2F18EF
.reloc 0x0005f000 1,240 bytes 1,536 bytes 4.83 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 25D797CA9A50F8D23D12120A4007EE7E

Resource Analysis

Total Resources: 5 (7,374 bytes)
Resource Type Count Total Size Percentage
MSTESTROOT 2 5,618 bytes
76.2%
RT_ICON 1 744 bytes
10.1%
RT_GROUP_ICON 1 20 bytes
0.3%
RT_VERSION 1 992 bytes
13.5%

Certificate Chain Analysis

Certificate Information
Product Microsoft® Windows® Operating System
Description Microsoft Trust Verification APIs
File Version 10.0.19041.630 (WinBuild.160101.0800)
Original Name WINTRUST.DLL
Signing Date 11:25 AM 11/05/2020 (1892 days ago)
Verification Status The digital signature of the object did not verify.
Signers Microsoft Windows; Microsoft Windows Production PCA 2011; Microsoft Root Certificate Authority 2010
Counter Signers Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010
Internal Name WINTRUST.DLL
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
Microsoft Code Verification Root #1 Primary
Validity Period: 2005-11-01 13:46:46 → 2025-11-01 13:54:03
Signature Algorithm: sha1RSA
Serial Number: 72 94 04 10 1F 3E 0C A3 47 83 7F CA 17 5A 84 38
Microsoft Testing Root Certificate Authority 2010 #2 Chain
Validity Period: 2010-06-17 20:58:02 → 2035-06-17 21:04:11
Signature Algorithm: sha256RSA
Serial Number: 74 45 C8 78 4E 0C C9 96 4A B4 2F BC DA 29 E1 BC
Microsoft Test Root Authority #3 Chain
Validity Period: 1999-01-10 07:00:00 → 2020-12-31 07:00:00
Signature Algorithm: md5RSA
Serial Number: 5F EA 4F D2 F2 1D 43 10 B6 E8 54 3E D8 95 26 18
Microsoft Windows #4 Chain
Validity Period: 2020-03-04 18:30:39 → 2021-03-03 18:30:39
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 02 66 BD 15 80 EF A7 5C D6 D3 00 00 00 00 02 66
Microsoft Windows Production PCA 2011 #5 Chain
Validity Period: 2011-10-19 18:41:42 → 2026-10-19 18:51:42
Signature Algorithm: sha256RSA
Serial Number: 61 07 76 56 00 00 00 00 00 08
Microsoft Time-Stamp Service #6 Chain
Validity Period: 2019-11-13 21:40:34 → 2021-02-11 21:40:34
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 17 31 60 7E 07 76 31 9E 09 00 00 00 00 01 17
Microsoft Time-Stamp PCA 2010 #7 Chain
Validity Period: 2010-07-01 21:36:55 → 2025-07-01 21:46:55
Signature Algorithm: sha256RSA
Serial Number: 61 09 81 2A 00 00 00 00 00 02

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

The expected hash does not match the digest in SpcInfo

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware