Gridinsoft Logo

Pywintypes313.dll Trojan Gen Analysis

Updated 1 second ago
Checked by Malaware Check
pywintypes313.dll

Technical Analysis

File Name pywintypes313.dll
File Type
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Scanner Version 1.0.218.174
Database Version 2025-06-10 23:00:14 UTC

Trojan.Win64.Gen.cl

Malware family: Gen

This is a generic detection identifier for files exhibiting Trojan horse characteristics. It indicates malware that disguises itself as legitimate software while containing malicious code designed to compromise system security or steal information.
N/A
Detection Rate
135,680
File Size (bytes)
2025-06-10
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
2a87d04e9e7cbff67e8ea4f6315c0ebb
SHA1
cf5b2bb53b37087eca18e509b8551ed5cb7575d9
SHA256
d011068781cfba0955258505dbe7e5c7d3d0b955e7f7640d2f1019d425278087
SHA512
2138e051ac116d3abe11101c75f8bd8388d7fba89b15e6f82dc35fd78bdd913ed8ba468769f68440ce7834825806281aa15f0023855e3b8248266414d60a4a44
ImpHash
4bb9e822a100c2f5435cf3bc749afa7c

PE Analysis

Basic Information

Image Base 0x180000000
Entry Point 0x18000efec
Compilation Time 2024-10-12 20:30:16
Checksum 0x00000000 (Actual: 0x00021b11)
OS Version 6.0
PEiD Signatures PE32+ executable (DLL) (GUI) x86-64, for MS Windows
PDB Path D:\a\pywin32\pywin32\build\temp.win-amd64-cpython-313\Release\pywintypes.pdb
Digital Signature No valid SignedData structure was found.
Imports 14 libraries
Exports 307 functions
Resources 1 Resources
Sections 6 Sections

Version Information

Comments https://github.com/mhammond/pywin32
CompanyName
FileDescription
FileVersion 3.13.308.0
InternalName pywintypes313.dll
LegalCopyright
LegalTrademarks
OriginalFilename pywintypes313.dll
ProductName PyWin32
ProductVersion 3.13.308.0
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 62,265 bytes 62,464 bytes 6.04 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 15CFF778BB79E72987A1641AED99DB8B
.rdata 0x00011000 54,246 bytes 54,272 bytes 5.78 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 25F56C9F772F5F651BB62D7661BAD50A
.data 0x0001f000 11,712 bytes 10,240 bytes 1.57 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BD23D7DC1D3E0C0575AD3D9833235B09
.pdata 0x00022000 5,304 bytes 5,632 bytes 4.84 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 824EEE55AA532FCB10FFD949F0695143
.rsrc 0x00024000 876 bytes 1,024 bytes 3.74 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ E5F92D4DDE60F94CA5AA01D526997A4E
.reloc 0x00025000 816 bytes 1,024 bytes 4.78 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 28D2629CEFFCE57DAC5572355F4AB617

Resource Analysis

Total Resources: 1 (788 bytes)
Resource Type Count Total Size Percentage
RT_VERSION 1 788 bytes
100%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Trojan.Win64.Gen.cl Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win64.Gen.cl without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware