The MovaviScreenRecorderSetupE Wtkeji3 exe (Movavi installer) Movavi File Malware Analysis
Gridinsoft Logo
File Icon

The MovaviScreenRecorderSetupE_Wtkeji3_.exe (Movavi installer) File Analysis

Updated 4 hours ago
Checked by Malware Check
MovaviScreenRecorderSetupE_Wtkeji3_.exe

Technical Analysis

File Name MovaviScreenRecorderSetupE_Wtkeji3_.exe
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.231.174
Database Version 2025-12-25 21:00:33 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
2,770,752
File Size (bytes)
2025-12-25
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
7359d691c2ef64ee9f07a578196a985c
SHA1
77a8646c7115442d132b59aa84f191693a604cc2
SHA256
d754c508437dbdf4d54a49457adffb532725578f25feaf4a31100d14e5301fbd
SHA512
5baf7b3aa55743666756f1e45e23c5fdd383718d19611af19ab1021992b8a580e8ab0c12015c5788b68a7c8b01e7d57127448c7f261a70020517f8e484e6f860
ImpHash
79d57f0c4cdae2481be20557b74f970d

PE Analysis

Basic Information

Icon
Hash: 8a27ff5c3e9e8344e8ceab491ec35c70
Fuzzy: 1f2c5d641eb53910ec34e0e7ffbd2611
dHash: ccb2b2b28eb2b2cc
Image Base 0x140000000
Entry Point 0x1400157d0
Compilation Time 2025-09-02 13:08:40
Checksum 0x002a5081 (Actual: 0x002a5081)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path D:\J\WS\workspace\Web-installer-WinMac\build64\bin\MovaviWebInstallerSetup_2_0_0_x64_5247_WI-2-2.0.0_b19777f_CyprusBuild003_NOPROTECT_setup.pdb
Digital Signature Chain verification from CN=Movavi Software Limited, O=Movavi Software Limited, L=Agios Athanasios, C=CY, serialNumber=HE 340361, businessCategory=Private Organization, jurisdictionOfIncorporationCountryName=CY (serial:5088788664556168882698403513455953413, sha1:b40e445da580c28e8a652d08ba99c1e10309b5e8) failed: Unable to build a validation path for the certificate "Common Name: Movavi Software Limited, Organization: Movavi Software Limited, Locality: Agios Athanasios, Country: CY, Serial Number: HE 340361, Business Category: Private Organization, Incorporation Country: CY" - no issuer matching "Common Name: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; Organization: DigiCert, Inc.; Country: US" was found
Imports 3 libraries
KERNEL32, USER32, SHELL32
Exports 0 functions
Resources 15 Resources
Sections 7 Sections

Version Information

CompanyName Movavi
FileDescription Movavi installer
FileVersion 2.0.0.0
InternalName Movavi WebInstaller
LegalCopyright Copyright (C) 2004 - 2025 movavi.com All rights reserved
OriginalFilename MovaviWebInstallerSetup_2_0_0_x64_5247_WI-2-2.0.0_b19777f_CyprusBuild003_NOPROTECT_setup.exe
ProductName Movavi 2.0.0
ProductVersion 2.0.0.0
Translation 0x0009 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 242,700 bytes 243,200 bytes 6.49 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 4DBD0EDECA07FD715F80BF22150BB772
.rdata 0x0003d000 91,250 bytes 91,648 bytes 5.20 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ DC05C10D3035DD5421E5AF4A4120D1BC
.data 0x00054000 24,980 bytes 5,632 bytes 3.22 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D1B4CDF47D5F192402F950C4F3DA40E0
.pdata 0x0005b000 12,084 bytes 12,288 bytes 5.57 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4A625BA88C6F6DF9963EAEB314FE5E9A
_RDATA 0x0005e000 244 bytes 512 bytes 2.46 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B03CEF87536D149E7B9C3346C5CDFB28
.rsrc 0x0005f000 2,404,096 bytes 2,404,352 bytes 7.99 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 9BD56F9B0CC1FEA30BAB816659293CCF
.reloc 0x002aa000 2,584 bytes 3,072 bytes 5.05 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 6596003A62808EB2C9CF64BE2DB58EFC
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 15 (2,403,194 bytes)
Resource Type Count Total Size Percentage
RT_ICON 11 74,198 bytes
3.1%
RT_RCDATA 1 2,327,129 bytes
96.8%
RT_GROUP_ICON 1 160 bytes
0%
RT_VERSION 1 956 bytes
0%
RT_MANIFEST 1 751 bytes
0%

Certificate Chain Analysis

Certificate Information
Product Movavi 2.0.0
Description Movavi installer
File Version 2.0.0.0
Original Name MovaviWebInstallerSetup_2_0_0_x64_5247_WI-2-2.0.0_b19777f_CyprusBuild003_NOPROTECT_setup.exe
Signing Date 01:08 PM 09/02/2025 (114 days ago)
Verification Status Signed
Signers Movavi Software Limited; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4; DigiCert
Counter Signers DigiCert SHA256 RSA4096 Timestamp Responder 2025 1; DigiCert Trusted G4 TimeStamping RSA4096 SHA256 2025 CA1; DigiCert Trusted Root G4; DigiCert
Internal Name Movavi WebInstaller
Copyright Copyright (C) 2004 - 2025 movavi.com All rights reserved
Certificate Chain Summary
Movavi Software Limited #1 Primary
Validity Period: 2025-05-12 00:00:00 → 2028-08-02 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 03 D4 10 A6 EB 1C 79 B6 F3 10 28 FC CC F5 46 05
DigiCert SHA256 RSA4096 Timestamp Responder 2025 1 #2 Chain
Validity Period: 2025-06-04 00:00:00 → 2036-09-03 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0A 80 EF 18 4B 8D F1 05 82 D1 C4 76 A7 95 74 68
DigiCert Trusted G4 TimeStamping RSA4096 SHA256 2025 CA1 #3 Chain
Validity Period: 2025-05-07 00:00:00 → 2038-01-14 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0D C7 AC 57 05 FF 21 99 2E 40 43 22 0C 3A 49 86
DigiCert Trusted Root G4 #4 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

Chain verification from CN=Movavi Software Limited, O=Movavi Software Limited, L=Agios Athanasios, C=CY, serialNumber=HE 340361, businessCategory=Private Organization, jurisdictionOfIncorporationCountryName=CY (serial:5088788664556168882698403513455953413, sha1:b40e445da580c28e8a652d08ba99c1e10309b5e8) failed: Unable to build a validation path for the certificate "Common Name: Movavi Software Limited, Organization: Movavi Software Limited, Locality: Agios Athanasios, Country: CY, Serial Number: HE 340361, Business Category: Private Organization, Incorporation Country: CY" - no issuer matching "Common Name: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; Organization: DigiCert, Inc.; Country: US" was found

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware