Gridinsoft Logo
File Icon

The KeePass.exe (KeePass) File Analysis

Updated 2 months ago
Checked by Malaware Check
KeePass.exe

Technical Analysis

File Name KeePass.exe
File Type
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Scanner Version 1.0.211.174
Database Version 2025-03-19 21:00:37 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
3,274,640
File Size (bytes)
2025-03-19
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
0053419049f07b9f94ff40d4e97a3c5a
SHA1
579f40fbf412732b08ae8270fd4a59e4903aaf47
SHA256
cdc5d044b0e5f877ee60401107955d5695f40c37a6eae79a42c2b725171a8255
SHA512
e34dbb28e1f78871861fc56d17387343557539daaa61fef4c2f11b0a7f730198513aa128e868d763c70f61da8b9afb8c380717cf0eaf94547f1cad2f1c2a35f9
ImpHash
f34d5f2d4577ed6d9ceec516c1f5a744

PE Analysis

Basic Information

Icon
Hash: f4f9805214307008c3094dab53aa0747
Fuzzy: b1a707631965e7339c56355fbd072a6f
dHash: 71cc96b69696cc71
Image Base 0x00400000
Entry Point 0x0070bbae
Compilation Time 2023-06-03 08:18:43
Checksum 0x003200af (Actual: 0x003200af)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
PDB Path D:\Dev_A\KeePassNET\KeePass\obj\Release\KeePass.pdb
Digital Signature An error occurred while validating the countersignature: The root Certum Trusted Network CA 2 lists its extended key usages, but {'time_stamping'} are not present
Imports 1 libraries
mscoree
Exports 0 functions
Resources 15 Resources
Sections 3 Sections

Version Information

Translation 0x0000 0x04b0
Comments KeePass Password Safe
CompanyName Dominik Reichl
FileDescription KeePass
FileVersion 2.54.0.0
InternalName KeePass.exe
LegalCopyright Copyright © 2003-2023 Dominik Reichl
OriginalFilename KeePass.exe
ProductName KeePass
ProductVersion 2.54.0.0
Assembly Version 2.54.0.16762

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00002000 3,185,588 bytes 3,185,664 bytes 6.67 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ BAABE1C9F62FD5DEEBB9221CF57906F5
.rsrc 0x0030c000 66,776 bytes 67,072 bytes 6.19 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 9105610AE6BE1C4818F990D5E36BECBD
.reloc 0x0031e000 12 bytes 512 bytes 0.10 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 0893E6A0181490C231E96DA14DFC5382
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 15 (65,931 bytes)
Resource Type Count Total Size Percentage
RT_ICON 12 64,403 bytes
97.7%
RT_GROUP_ICON 1 174 bytes
0.3%
RT_VERSION 1 864 bytes
1.3%
RT_MANIFEST 1 490 bytes
0.7%

Certificate Chain Analysis

Certificate Information
Product KeePass
Description KeePass
File Version 2.54.0.0
Original Name KeePass.exe
Signing Date 08:20 AM 06/03/2023 (735 days ago)
Verification Status Signed
Signers Open Source Developer, Dominik Reichl; Certum Code Signing 2021 CA; Certum Trusted Network CA 2; Certum Trusted Network CA
Counter Signers Certum Timestamp 2022; Certum Timestamping 2021 CA; Certum Trusted Network CA 2; Certum Trusted Network CA
Internal Name KeePass.exe
Copyright Copyright © 2003-2023 Dominik Reichl
Certificate Chain Summary
Open Source Developer, Dominik Reichl #1 Primary
Validity Period: 2023-02-06 08:28:54 → 2024-02-06 08:28:53
Signature Algorithm: sha256RSA
Serial Number: 29 DE 69 7E F2 EF D9 F0 85 BE E8 D4 D8 40 A8 BF
Certum Code Signing 2021 CA #2 Chain
Validity Period: 2021-05-19 05:32:18 → 2036-05-18 05:32:18
Signature Algorithm: sha384RSA
Serial Number: 99 A3 80 0A 26 55 3B 65 AB DC 6E 84 A6 B3 EA 39
Certum Timestamp 2022 #3 Chain
Validity Period: 2022-07-28 08:56:26 → 2033-07-27 08:56:26
Signature Algorithm: sha384RSA
Serial Number: 2B D4 AE 70 B9 D0 63 5B 2A E9 84 C8 D6 74 AA 30
Certum Timestamping 2021 CA #4 Chain
Validity Period: 2021-05-19 05:32:07 → 2036-05-18 05:32:07
Signature Algorithm: sha384RSA
Serial Number: E7 FF 69 C7 3B 35 CE 4B 91 26 D8 74 7C 68 A5 87
Certum Trusted Network CA 2 #5 Chain
Validity Period: 2021-05-31 06:43:06 → 2029-09-17 06:43:06
Signature Algorithm: sha384RSA
Serial Number: 1B B5 8F 25 2A DF 23 00 49 28 C9 AE 3D 7E ED 27

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

An error occurred while validating the countersignature: The root Certum Trusted Network CA 2 lists its extended key usages, but {'time_stamping'} are not present

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware