Gridinsoft Logo

The 1d3bf42e.exe File Analysis

Updated 1 month ago
Checked by Malware Check
1d3bf42e.exe

Technical Analysis

File Name 1d3bf42e.exe
File Type
PE32+ executable (console) x86-64, for MS Windows
Scanner Version 1.0.229.174
Database Version 2025-11-17 19:00:21 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
11,904,616
File Size (bytes)
2025-11-17
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
5e8ba56cc8742c04374f50a0ae44bd8e
SHA1
2162a07f5e80a40d6d34eba2e805a835c6892183
SHA256
970b47d577d74102b44c48233140a0cbf33ec9a43d4291ea9be9d0dd6ce1e960
SHA512
4d431236c57563bb6430fb68574b1ed8be3071d5e43be9622897c5472c4f0cb7e8902c35e653bd8bebd33b22b9046ef51d872da067d49dba919d40ccd5eb5126
ImpHash
6139e90752d66170f87181f702d02b4d

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x140285758
Compilation Time 2025-07-07 20:33:46
Checksum 0x00b5afad (Actual: 0x00b5afad)
OS Version 6.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
Digital Signature OK
Imports 13 libraries
Exports 0 functions
Resources 9 Resources
Sections 7 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 3,002,468 bytes 3,002,880 bytes 6.18 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 5C913E5512C6E22654A071F2E5B65831
.rdata 0x002df000 822,138 bytes 822,272 bytes 5.72 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F07F64A4913CC7D8BF8A23D515A7E528
.data 0x003a8000 504,316 bytes 445,440 bytes 5.90 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5434BA999D5A1141E6046141CCF2031C
.pdata 0x00424000 197,844 bytes 198,144 bytes 6.18 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D1790A179C24212B8206FD601ACC1FD9
.rsrc 0x00455000 14,088 bytes 14,336 bytes 7.71 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 490082AC0ADA715D28D09E0ADBDD3246
.reloc 0x00459000 33,352 bytes 33,792 bytes 5.45 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ FDC10AB471924CE4F3A91BEF7D5F35F5
.vlizer 0x00462000 7,381,504 bytes 7,381,053 bytes 6.32 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BCD553F651D7F47F45F357FFA496ECEE
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 9 (13,289 bytes)
Resource Type Count Total Size Percentage
PNG 8 12,901 bytes
97.1%
RT_MANIFEST 1 388 bytes
2.9%

Certificate Chain Analysis

Certificate Information
Verification Status Signed
Signers Manthe Industries, LLC; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4
Certificate Chain Summary
DigiCert Trusted Root G4 #1 Primary
Validity Period: 2013-08-01 12:00:00 → 2038-01-15 12:00:00
Signature Algorithm: sha384RSA
Serial Number: 05 9B 1B 57 9E 8E 21 32 E2 39 07 BD A7 77 75 5C
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #2 Chain
Validity Period: 2021-04-29 00:00:00 → 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9
Manthe Industries, LLC #3 Chain
Validity Period: 2023-04-04 00:00:00 → 2026-04-03 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 02 A1 64 D8 96 51 C2 2B 06 DB 56 79 AA 09 D2 7F

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware