Gridinsoft Logo
File Icon

The DR1_us.exe File Analysis

Updated 1 month ago
Checked by Malware Check
DR1_us.exe

Technical Analysis

File Name DR1_us.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.229.174
Database Version 2025-11-21 10:00:23 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
3,459,728
File Size (bytes)
2025-11-21
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
6a536aede31922479b5f2dc3e0707dfb
SHA1
e7881c959012c2d565070218b7f6c0d4795f21af
SHA256
9debd9f6aed2339e540aa9526ea3f16f38ad91c19ad9a842a5b0b2fab21303e3
SHA512
7862e0e376504f0e7733738dcb93c31dd32d686490597b13763a7697577b2623a4d97949bc6bb4a3ec2b5cc6ba735708439114084f59deb5dd9616766b9a3525
ImpHash
a573c339c64da68ea55dc5d26f39d6a7

PE Analysis

Basic Information

Icon
Hash: b5022ce97d4932499c22e240943cfade
Fuzzy: d4dae70e633476ee448aa2d18509774a
dHash: 5d1c587e6e7c1959
Image Base 0x00400000
Entry Point 0x007e9310
Compilation Time 2016-08-31 12:56:25
Checksum 0x00000000 (Actual: 0x0035a66a)
OS Version 5.1
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path H:\Danganronpa\Development\Source\Prg\Prj\Vita\Win32\Master\DR1_us\DR1_us.pdb
Digital Signature No valid SignedData structure was found.
Imports 13 libraries
Exports 2 functions
Resources 7 Resources
Sections 8 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 2,160,819 bytes 2,161,152 bytes 6.66 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 81C6D31728A3B97853BB185AB44F8A4D
.rdata 0x00211000 480,688 bytes 480,768 bytes 5.62 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ CB051ADA44734783F9B2117797F5CE9D
.data 0x00287000 874,028 bytes 122,368 bytes 3.53 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 2B1985F190A1DEA3CF0CF381501CD239
.tls 0x0035d000 17 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rodata 0x0035e000 2,944 bytes 3,072 bytes 4.06 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ E602283784F586B905A5F5840FBD8DE0
.rsrc 0x0035f000 47,648 bytes 48,128 bytes 4.64 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F09DD242341630D03918B967536437AD
.reloc 0x0036b000 513,650 bytes 514,048 bytes 2.54 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 8D3719F706B675BFFA635DB0CCC5E9BC
.bind 0x003e9000 128,656 bytes 128,656 bytes 7.99 (Packed/Encrypted) IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 9394A223F8FD4D2A1743C461D901CA63
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 7 (47,203 bytes)
Resource Type Count Total Size Percentage
RT_ICON 5 46,746 bytes
99%
RT_GROUP_ICON 1 76 bytes
0.2%
RT_MANIFEST 1 381 bytes
0.8%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware