The testdisk win exe CGSecurity File Malware Analysis
Gridinsoft Logo
File Icon

The testdisk_win.exe File Analysis

Updated 3 days ago
Checked by Malware Check
testdisk_win.exe

Technical Analysis

File Name testdisk_win.exe
File Type
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
Scanner Version 1.0.224.174
Database Version 2025-09-09 19:00:46 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
768,032
File Size (bytes)
2025-09-09
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
767f6327a1db9dc4e8e83033a8701959
SHA1
e012970421590a2bff264a9b9c94aca5057e87db
SHA256
bd9d463b7126bd9e51b9a7682c2be5944a2c2d120104fbf2794d824220ebe59b
SHA512
5e4a9005ce2fdf2e311b5ea1cd98de4964c5b820eec0277ef9f6c3a5afe308244949f20cee86459724be9f9b915c06860d7023c91d63f0299c411acbf76da8c7
ImpHash
14bb56eef602d517a4f92465a0632380

PE Analysis

Basic Information

Icon
Hash: cbe9f568a9839b48fab7fa168a0d883f
Fuzzy: 42d0e6e8cbfa4ef080811a93b1d9ce86
dHash: e991a8b0a66d3098
Image Base 0x100400000
Entry Point 0x100401000
Compilation Time 2025-06-22 14:32:36
Checksum 0x000bf03c (Actual: 0x000bf03c)
OS Version 4.0
PEiD Signatures PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
Digital Signature Chain verification from [email protected], CN=Open Source Developer\, Christophe GRENIER, O=Open Source Developer, L=LE PERREUX-SUR-MARNE, ST=ILE DE FRANCE, C=FR (serial:34064927953462066999046785409715031933, sha1:6d2d393fe19a31948adc12ca06908886b3c65b60) failed: The path could not be validated because the end-entity certificate expired 2024-06-15 10:00:27Z
Imports 6 libraries
cyggcc_s-seh-1, cygwin1, cygewf-2, cygiconv-2, cygncursesw-10, KERNEL32
Exports 0 functions
Resources 6 Resources
Sections 10 Sections

Version Information

CompanyName CGSecurity
ProductName TestDisk
FileDescription TestDisk
InternalName TestDisk
OriginalFilename testdisk_win.exe
Comments Partition and file recovery utility
FileVersion 7.3
ProductVersion 7.3
LegalCopyright Copyright (C) 1998-2024 Christophe GRENIER, et al.
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 510,568 bytes 510,976 bytes 6.23 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ B5169E09A6B7E7DAECE61148008444CB
.data 0x0007e000 3,552 bytes 3,584 bytes 2.68 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 2020595E9421C554E1307D020782B69E
.rdata 0x0007f000 188,136 bytes 188,416 bytes 6.43 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 06941B9F648F5460054BC5D0479B6496
.buildid 0x000ad000 53 bytes 512 bytes 0.58 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A19BEBAFCBC69745EA1B1A820D28E5FF
.pdata 0x000ae000 16,836 bytes 16,896 bytes 5.74 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 9813247E25733FC3E5E6B816EF25D1FC
.xdata 0x000b3000 16,588 bytes 16,896 bytes 4.38 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B58E65CF03FDD3BAAC3EB419A9C66F7F
.bss 0x000b8000 66,208 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.idata 0x000c9000 7,084 bytes 7,168 bytes 4.29 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 9F9CC6724E6E9A68962F419718719CBC
.rsrc 0x000cb000 10,432 bytes 10,752 bytes 5.01 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ CF23BB8D12CCCEA08BED078E8E175E9E
.reloc 0x000ce000 1,304 bytes 1,536 bytes 4.91 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 09D36E2C63372FC90E70BC33BFCF4AEA

Resource Analysis

Total Resources: 6 (8,758 bytes)
Resource Type Count Total Size Percentage
RT_ICON 3 7,352 bytes
83.9%
RT_GROUP_ICON 1 48 bytes
0.5%
RT_VERSION 1 836 bytes
9.5%
RT_MANIFEST 1 522 bytes
6%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

Chain verification from [email protected], CN=Open Source Developer\, Christophe GRENIER, O=Open Source Developer, L=LE PERREUX-SUR-MARNE, ST=ILE DE FRANCE, C=FR (serial:34064927953462066999046785409715031933, sha1:6d2d393fe19a31948adc12ca06908886b3c65b60) failed: The path could not be validated because the end-entity certificate expired 2024-06-15 10:00:27Z

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware