Gridinsoft Logo
File Icon

The ClassicShellSetup_4_3_1.exe (Adds classic shell features to Windows 7 and Windows 8) File Analysis

Updated 2 months ago
Checked by Malaware Check
ClassicShellSetup_4_3_1.exe

Technical Analysis

File Name ClassicShellSetup_4_3_1.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.212.174
Database Version 2025-04-02 05:00:34 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
7,187,816
File Size (bytes)
2025-04-02
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
230d1965a035bc4c894941caa3d19a32
SHA1
317604eba6e94e8777741d577b0ef160a0af3258
SHA256
942c7ee37303c962628555e196eb35f4465bb45d204600dd2518dd20ddebe5e2
SHA512
00ac51bdf37bde44668e5cf20854f67df1b222959f8876e2fc3d05814cdb7b11c728411e5ce04187c7fb9c7939cab56cffaa3a8f02bf0a17437dcf7af51755a4
ImpHash
846beeaaa47aac39313849b60d047ffe

PE Analysis

Basic Information

Icon
Hash: cc7311bc7fc40bcf281518e982560964
Fuzzy: 47412470f1e3afbfd55c32b0efa77459
dHash: 31f0f4f2f2f2d4cc
Image Base 0x00400000
Entry Point 0x00403ac0
Compilation Time 2018-07-15 20:15:56
Checksum 0x006de5ee (Actual: 0x006de5ee)
OS Version 5.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path d:\Work\TestP4\ClassicShell\ClassicShellSetup\Release\ClassicShellSetup.pdb
Digital Signature OK
Imports 6 libraries
COMCTL32, VERSION, KERNEL32, USER32, ADVAPI32, SHELL32
Exports 0 functions
Resources 15 Resources
Sections 5 Sections

Version Information

CompanyName IvoSoft
FileDescription Adds classic shell features to Windows 7 and Windows 8
FileVersion 4, 3, 1, 0
InternalName ClassicShellSetup
LegalCopyright Copyright (C) 2009-2016, Ivo Beltchev
OriginalFilename ClassicShellSetup.exe
ProductName Classic Shell
ProductVersion 4, 3, 1, 0
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 50,069 bytes 50,176 bytes 6.58 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ C3190DBD2C88B70ABAFEEB39EE6A1B1E
.rdata 0x0000e000 13,090 bytes 13,312 bytes 5.26 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7434C5B20FDD55A8F614E454D9714236
.data 0x00012000 11,556 bytes 4,096 bytes 2.50 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE EEF96DACAA67322537C76A3EB6B4EEC3
.rsrc 0x00015000 7,088,268 bytes 7,088,640 bytes 7.82 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7C8234AC267B911F9EF1FC117F52A6C3
.reloc 0x006d8000 23,404 bytes 23,552 bytes 1.32 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 2E19EAD77FEF8F01D294C37F536E018B
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 15 (7,087,340 bytes)
Resource Type Count Total Size Percentage
MSI_FILE 3 7,046,161 bytes
99.4%
RT_ICON 5 34,408 bytes
0.5%
RT_DIALOG 1 412 bytes
0%
RT_STRING 3 3,304 bytes
0%
RT_GROUP_ICON 1 76 bytes
0%
RT_VERSION 1 860 bytes
0%
RT_MANIFEST 1 2,119 bytes
0%

Certificate Chain Analysis

Certificate Information
Product Classic Shell
Description Adds classic shell features to Windows 7 and Windows 8
File Version 4, 3, 1, 0
Original Name ClassicShellSetup.exe
Signing Date 08:15 PM 07/15/2018 (2524 days ago)
Verification Status Signed
Signers Ivaylo Beltchev; DigiCert SHA2 Assured ID Code Signing CA; DigiCert
Counter Signers Symantec SHA256 TimeStamping Signer - G2; Symantec SHA256 TimeStamping CA; VeriSign Universal Root Certification Authority
Internal Name ClassicShellSetup
Copyright Copyright (C) 2009-2016, Ivo Beltchev
Certificate Chain Summary
Ivaylo Beltchev #1 Primary
Validity Period: 2018-07-15 00:00:00 → 2019-09-19 12:00:00
Signature Algorithm: sha256RSA
Serial Number: 03 BC 33 0E FA 73 04 56 25 64 15 07 8B CF A4 10
DigiCert SHA2 Assured ID Code Signing CA #2 Chain
Validity Period: 2013-10-22 12:00:00 → 2028-10-22 12:00:00
Signature Algorithm: sha256RSA
Serial Number: 04 09 18 1B 5F D5 BB 66 75 53 43 B5 6F 95 50 08
Symantec SHA256 TimeStamping CA #3 Chain
Validity Period: 2016-01-12 00:00:00 → 2031-01-11 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 7B 05 B1 D4 49 68 51 44 F7 C9 89 D2 9C 19 9D 12
Symantec SHA256 TimeStamping Signer - G2 #4 Chain
Validity Period: 2017-01-02 00:00:00 → 2028-04-01 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 54 58 F2 AA D7 41 D6 44 BC 84 A9 7B A0 96 52 E6

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware