Gridinsoft Logo
File Icon

The shellbag_analyzer_cleaner.exe (ShellBag AnalyZer & Cleaner) File Analysis

Updated 0 second ago
Checked by Malware Check
shellbag_analyzer_cleaner.exe

Technical Analysis

File Name shellbag_analyzer_cleaner.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.218.174
Database Version 2025-06-21 18:00:24 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
1,690,992
File Size (bytes)
2025-06-21
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
463058236a0d84f8f8982d946eed0e07
SHA1
800ab71ed3b3bf4fb67fc9e1628e59d0aab8b124
SHA256
c93a0f4c6b5f24ee31cddb92b0ea3337021b5fb91faae8a381d3bd2c9b6add54
SHA512
18bd9aea8489c5e873a679da92c83d2739de9532f5751bd23aea9eda226b9a95909f8fd525b0ce47859492997002aee32ecf37bb79e07f24b512287b8fd58a53
ImpHash
283eb1d41887a5c44fa040047dc3e240

PE Analysis

Basic Information

Icon
Hash: cb374e1b14cccf36f3749b24db26abe5
Fuzzy: 734d6bfc25c58ab158502e629ad1035b
dHash: b9694932343c8e20
Image Base 0x00400000
Entry Point 0x004f3600
Compilation Time 1992-06-19 22:22:17
Checksum 0x001a1b94 (Actual: 0x001a1b94)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature OK
Imports 11 libraries
Exports 0 functions
Resources 119 Resources
Sections 8 Sections

Version Information

CompanyName Goversoft LLC
FileDescription ShellBag AnalyZer & Cleaner
FileVersion 1.30.0.0
InternalName
LegalCopyright Goversoft
LegalTrademarks
OriginalFilename
ProductName ShellBag AnalyZer & Cleaner
ProductVersion 1.0.0.0
Comments All rights reserved
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
CODE 0x00001000 993,372 bytes 993,792 bytes 6.56 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 4C031B913EC28C85A4412D53E7502993
DATA 0x000f4000 10,384 bytes 10,752 bytes 5.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5E3A58D69180635A4C371AF5CF70E374
BSS 0x000f7000 7,161 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.idata 0x000f9000 12,200 bytes 12,288 bytes 5.07 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 3325CFD306F02F31B5C8A7AFBB90E13C
.tls 0x000fc000 36 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rdata 0x000fd000 24 bytes 512 bytes 0.20 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ FEFE23F9CDFAE91F873433362B2FE855
.reloc 0x000fe000 63,036 bytes 63,488 bytes 6.63 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ D14AF896AF178DB0483D671675FC5C0D
.rsrc 0x0010e000 407,040 bytes 407,040 bytes 6.60 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 0320EA462BDB842CA3372925253B2178
Entropy Analysis Alert

3 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 119 (399,173 bytes)
Resource Type Count Total Size Percentage
RT_CURSOR 16 4,928 bytes
1.2%
RT_BITMAP 55 27,172 bytes
6.8%
RT_ICON 8 176,938 bytes
44.3%
RT_DIALOG 1 82 bytes
0%
RT_STRING 18 11,648 bytes
2.9%
RT_RCDATA 3 175,180 bytes
43.9%
RT_GROUP_CURSOR 15 300 bytes
0.1%
RT_GROUP_ICON 1 118 bytes
0%
RT_VERSION 1 812 bytes
0.2%
RT_MANIFEST 1 1,995 bytes
0.5%

Certificate Chain Analysis

Certificate Information
Product ShellBag AnalyZer & Cleaner
Description ShellBag AnalyZer & Cleaner
File Version 1.30.0.0
Signing Date 09:20 AM 08/25/2021 (1396 days ago)
Verification Status Signed
Signers Goversoft LLC; Sectigo RSA Code Signing CA; USERTrust RSA Certification Authority; Sectigo (AAA)
Counter Signers Sectigo RSA Time Stamping Signer #2; Sectigo RSA Time Stamping CA; USERTrust RSA Certification Authority; Sectigo (AAA)
Copyright Goversoft
Certificate Chain Summary
Goversoft LLC #1 Primary
Validity Period: 2020-11-18 00:00:00 → 2023-11-18 23:59:59
Signature Algorithm: sha256RSA
Serial Number: A3 FB DA E5 43 2E E4 4D 42 F2 6C B2 68 E0 93 19
USERTrust RSA Certification Authority #2 Chain
Validity Period: 2019-03-12 00:00:00 → 2028-12-31 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 39 72 44 3A F9 22 B7 51 D7 D3 6C 10 DD 31 35 95
Sectigo RSA Code Signing CA #3 Chain
Validity Period: 2018-11-02 00:00:00 → 2030-12-31 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 1D A2 48 30 6F 9B 26 18 D0 82 E0 96 7D 33 D3 6A
Sectigo RSA Time Stamping CA #4 Chain
Validity Period: 2019-05-02 00:00:00 → 2038-01-18 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 30 0F 6F AC DD 66 98 74 7C A9 46 36 A7 78 2D B9
Sectigo RSA Time Stamping Signer #2 #5 Chain
Validity Period: 2020-10-23 00:00:00 → 2032-01-22 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 8C 77 A0 00 8F F4 D1 B0 C6 3D 9F 3A 48 83 8D 6B

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware