Gridinsoft Logo

The AdminService.exe (Windows Setup API) File Analysis

Updated 25 days ago
Checked by Malware Check
AdminService.exe

Technical Analysis

File Name AdminService.exe
File Type
PE32+ executable (console) x86-64, for MS Windows
Scanner Version 1.0.231.174
Database Version 2025-12-16 18:00:26 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
404,384
File Size (bytes)
2025-12-16
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
f5496ab7677bb1dd5c165df6d6cd3854
SHA1
9efffb4b303654debbc2a0a8768d6b4c26eae54e
SHA256
e49dc2b86814578af060a6bfcc3f3f59a5be2ff639b997605d35fa6c4e7b1979
SHA512
c0431e18865fc4a2b8dedd6068ce5b4ef1d4a9374ab2d46829a08fcb91d47cc818e319e5356a506312cf096e558297c370a55677a4c653d58ed873f53f2addf0
ImpHash
1762549577cd8ad1cdb655bfa7436700

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x14001a208
Compilation Time 2021-11-23 06:13:43
Checksum 0x000705a8 (Actual: 0x000705a8)
OS Version 6.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
PDB Path Z:\b\cnss_proc\bt\App\Bin\x64\Release\AdminService.pdb
Digital Signature OK
Imports 11 libraries
Exports 0 functions
Resources 6 Resources
Sections 7 Sections

Version Information

CompanyName Windows (R) Win 7 DDK provider
FileDescription Windows Setup API
FileVersion 10.0.10011.16384
InternalName SETUPAPI.DLL
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename SETUPAPI.DLL
ProductName Windows (R) Win 7 DDK driver
ProductVersion 10.0.10011.16384
Translation 0x0409 0x04b0
CompanyName Qualcomm
FileDescription AdminService Application
FileVersion 10.0.0.100
InternalName AdminService
LegalCopyright (c) Qualcomm, Inc. All rights reserved.
OriginalFilename AdminService.exe
ProductName BT Software Suite
ProductVersion 10.0.0.100
Translation 0x0804 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 222,048 bytes 222,208 bytes 6.41 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7E3E5B4DD7BAA8A9C33B9554A7CC3089
.rdata 0x00038000 103,184 bytes 103,424 bytes 4.67 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 0881FED626F84F235E65DFB1BB040496
.data 0x00052000 14,156 bytes 8,192 bytes 1.74 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE F96B7E924548DEB06D75ECF7258B86B8
.pdata 0x00056000 10,056 bytes 10,240 bytes 5.54 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 881965B0B1D76733AE14760A38C59EB5
_RDATA 0x00059000 252 bytes 512 bytes 2.47 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F564B0DCFD4F07EA5EBE5B8F46A4EFBA
.rsrc 0x0005a000 47,936 bytes 48,128 bytes 3.61 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 30118F15A0AD68C3C595E0D3129D66DF
.reloc 0x00066000 1,876 bytes 2,048 bytes 5.22 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ AE49F72A4F43B6774735EA2673846655

Resource Analysis

Total Resources: 6 (47,539 bytes)
Resource Type Count Total Size Percentage
RT_STRING 2 368 bytes
0.8%
RT_MESSAGETABLE 1 43,332 bytes
91.2%
RT_VERSION 2 1,680 bytes
3.5%
RT_MANIFEST 1 2,159 bytes
4.5%

Certificate Chain Analysis

Certificate Information
Product Windows (R) Win 7 DDK driver
Description Windows Setup API
File Version 10.0.10011.16384
Original Name SETUPAPI.DLL
Signing Date 03:07 AM 11/28/2021 (1505 days ago)
Verification Status Signed
Signers Microsoft Windows Hardware Compatibility Publisher; Microsoft Windows Third Party Component CA 2012; Microsoft Root Certificate Authority 2010
Counter Signers Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010
Internal Name SETUPAPI.DLL
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
Microsoft Windows Hardware Compatibility Publisher #1 Primary
Validity Period: 2021-06-17 17:55:59 → 2022-06-16 17:55:59
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 C4 50 21 BA 6E D8 5A 72 AD 00 00 00 00 00 C4
Microsoft Windows Third Party Component CA 2012 #2 Chain
Validity Period: 2012-04-18 23:48:38 → 2027-04-18 23:58:38
Signature Algorithm: sha256RSA
Serial Number: 61 0B AA C1 00 00 00 00 00 09
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2020-11-12 18:26:01 → 2022-02-11 18:26:01
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 4E 8C B1 EB ED D7 B2 E3 00 00 00 00 00 01 4E
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2010-07-01 21:36:55 → 2025-07-01 21:46:55
Signature Algorithm: sha256RSA
Serial Number: 61 09 81 2A 00 00 00 00 00 02

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware