The exiftool( k) exe (ExifTool Perl launcher) OliverBetz de File Malware Analysis
Gridinsoft Logo
File Icon

The exiftool(-k).exe (ExifTool Perl launcher) File Analysis

Updated 2 months ago
Checked by Malware Check
exiftool(-k).exe

Technical Analysis

File Name exiftool(-k).exe
File Type
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
Scanner Version 1.0.223.174
Database Version 2025-08-17 03:00:27 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
58,368
File Size (bytes)
2025-08-17
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
0b1a431d7fb324acfb7049bde200f84d
SHA1
78c28d779781c8beafa620560d6c47fe5c099349
SHA256
98fc96e7b740e07584ae248305d05228325045a0e91f81e4b2463314a8c5a0be
SHA512
24e9926531d658ebc189200f6279cd7547bd46153bc5ad6039eb10a8922cbcd07980a5839ee2e2c7edce1f4f969b7ed41f608308a208e87300e347b4ac373333
ImpHash
25fa85e8b7d5202de9cfcb6f42568133

PE Analysis

Basic Information

Icon
Hash: 92c9aff64f843e395d7b1d3e74c5316e
Fuzzy: 9a286854e2f5bbea28a3c0e38b81baa3
dHash: 567331a1b1a79850
Image Base 0x00400000
Entry Point 0x004014e0
Compilation Time 2025-02-14 17:51:13
Checksum 0x0001b209 (Actual: 0x0001af28)
OS Version 4.0
PEiD Signatures PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 2 libraries
KERNEL32, msvcrt
Exports 0 functions
Resources 7 Resources
Sections 10 Sections

Version Information

CompanyName OliverBetz.de
FileDescription ExifTool Perl launcher
FileVersion 1.6
InternalName ppl-exiftool
LegalCopyright Oliver Betz
OriginalFilename exiftool.exe
ProductName Exiftool
ProductVersion 13.33
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 8,216 bytes 8,704 bytes 5.82 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_16BYTES 40984A2EC206C28280FC36E3F133C68A
.data 0x00004000 192 bytes 512 bytes 0.76 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_16BYTES C5278CA831F3B23CA79840C560E5843D
.rdata 0x00005000 1,600 bytes 2,048 bytes 3.64 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_32BYTES A4EEFD37CE3E706EF699391F53DD2F2C
.pdata 0x00006000 624 bytes 1,024 bytes 2.65 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_4BYTES C3B294513E87EA2C1B74FE065C44F4AF
.xdata 0x00007000 512 bytes 512 bytes 3.88 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_4BYTES F77C96541640ABC43C0C01260F2AA965
.bss 0x00008000 2,432 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_32BYTES D41D8CD98F00B204E9800998ECF8427E
.idata 0x00009000 2,192 bytes 2,560 bytes 3.63 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_4BYTES 6656393BA6CCCE2935D8D9DB50DC3312
.CRT 0x0000a000 104 bytes 512 bytes 0.27 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_8BYTES D3D332F0DCF71600B3030C057177D5B4
.tls 0x0000b000 16 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_8BYTES BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x0000c000 40,584 bytes 40,960 bytes 7.21 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_4BYTES 2F6048FE42C5151E71B19F6B4346F7F9
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 7 (40,122 bytes)
Resource Type Count Total Size Percentage
RT_ICON 4 38,971 bytes
97.1%
RT_GROUP_ICON 1 62 bytes
0.2%
RT_VERSION 1 704 bytes
1.8%
RT_MANIFEST 1 385 bytes
1%

Certificate Chain Analysis

Certificate Information
Product Exiftool
Description ExifTool Perl launcher
File Version 1.6
Original Name exiftool.exe
Internal Name ppl-exiftool
Copyright Oliver Betz

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware