The explorer exe (Windows Explorer) Microsoft Corporation File Malware Analysis
Gridinsoft Logo
File Icon

The explorer.exe (Windows Explorer) File Analysis

Updated 1 month ago
Checked by Malware Check
explorer.exe

Technical Analysis

File Name explorer.exe
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.229.174
Database Version 2025-12-01 00:00:38 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
6,089,624
File Size (bytes)
2025-12-01
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
a540d447132d1c883ffb81b4a63d7deb
SHA1
01571598eba1a49cabb0c69059063b3fc10cfe0a
SHA256
d05d91a14c7fea81996001856969ebccb4a7476751aba00170f412be4d21ddcf
SHA512
2a64115214aa5d914d601210ce3f439fd5be76b6787a6a96830fe5b26c79fb0041e3092b9db64998c59a50dea6285377f89664a8ff319de39b5bfff2e1abe735
ImpHash
dbce632eced8243cb6090c1c87be56bc

PE Analysis

Basic Information

Icon
Hash: c6c4e1f0ac29734e1f9abcb35ccd2839
Fuzzy: 6c44ac8ddc79b4231af67ec1ed37e431
dHash: 04baa2aa8ab2b244
Image Base 0x140000000
Entry Point 0x1400a2930
Compilation Time 2043-10-21 16:19:03
Checksum 0x005d8b34 (Actual: 0x005d8b34)
OS Version 10.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path explorer.pdb
Digital Signature OK
Imports 136 libraries
Exports 0 functions
Resources 683 Resources
Sections 8 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription Windows Explorer
FileVersion 10.0.19041.6575 (WinBuild.160101.0800)
InternalName explorer
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename EXPLORER.EXE
ProductName Microsoft® Windows® Operating System
ProductVersion 10.0.19041.6575
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 3,574,953 bytes 3,575,296 bytes 6.36 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 0EFCA1D2D5EE4B8F9D84C1A77FBB2E22
.imrsiv 0x0036a000 4 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rdata 0x0036b000 802,934 bytes 803,328 bytes 4.93 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 1ABF413D06A1190FD9EA83F376668EB5
.data 0x00430000 31,364 bytes 12,288 bytes 3.04 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE DCC45F09C3A33B3DDF0ED9DA6B8D2F34
.pdata 0x00438000 148,932 bytes 148,992 bytes 6.29 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 746A243EE636192E28656266B0E414E8
.didat 0x0045d000 2,288 bytes 2,560 bytes 3.04 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 3A36B41B1343EFA91EA02B8394D109CD
.rsrc 0x0045e000 1,460,312 bytes 1,460,736 bytes 5.28 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F6E5A805F93F3D8C370AB1588FE48881
.reloc 0x005c3000 22,324 bytes 22,528 bytes 5.44 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ EE6EA509410C3C53FEE7340AFB7A6D8A

Resource Analysis

Total Resources: 683 (1,425,679 bytes)
Resource Type Count Total Size Percentage
IMAGE 425 281,507 bytes
19.7%
MUI 1 256 bytes
0%
RT_ICON 225 1,135,673 bytes
79.7%
RT_GROUP_ICON 28 3,318 bytes
0.2%
RT_VERSION 1 912 bytes
0.1%
RT_MANIFEST 1 1,327 bytes
0.1%
None 2 2,686 bytes
0.2%

Certificate Chain Analysis

Certificate Information
Product Microsoft® Windows® Operating System
Description Windows Explorer
File Version 10.0.19041.6575 (WinBuild.160101.0800)
Original Name EXPLORER.EXE
Signing Date 03:46 AM 11/07/2025 (62 days ago)
Verification Status Signed
Signers Microsoft Windows; Microsoft Windows Production PCA 2011; Microsoft Root Certificate Authority 2010
Counter Signers Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010
Internal Name explorer
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
Microsoft Windows #1 Primary
Validity Period: 2025-06-19 18:11:43 → 2026-06-17 18:11:43
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 05 18 41 84 19 AD CB AD 29 4F 00 00 00 00 05 18
Microsoft Windows Production PCA 2011 #2 Chain
Validity Period: 2011-10-19 18:41:42 → 2026-10-19 18:51:42
Signature Algorithm: sha256RSA
Serial Number: 61 07 76 56 00 00 00 00 00 08
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2025-08-14 18:48:23 → 2026-11-13 18:48:23
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 02 17 71 FB 2E A5 AF 01 1D EA 00 01 00 00 02 17
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware