The Elsify Universal by FrostChanger de exe (Elsify) Elsify File Malware Analysis
Gridinsoft Logo
File Icon

The Elsify Universal by FrostChanger.de.exe (Elsify) File Analysis

Updated 1 year ago
Checked by Malware Check
Elsify Universal by FrostChanger.de.exe

Technical Analysis

File Name Elsify Universal by FrostChanger.de.exe
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.170.174
Database Version 2024-03-28 19:00:23 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
19,556,357
File Size (bytes)
2024-03-28
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
c4e7c21c470314cec48770bdd6557a7e
SHA1
fa5e175cb1dbbbf8ebee99d8bb4795c401cb15a9
SHA256
e51cbe96e3a9d5ec82b78ded4a570093fed54604a21b36707aa3f1dc216abdb6
SHA512
255b8605651626489f3490869db7556348b0d8a880da91c91ebe2f636e9ffd7ce43d254c4d811186238bd9eb396fb5e155adc3e952d4a634005b3ddd069fce93
ImpHash
6a91eb82bfd19d2706c7d43c46f7064e

PE Analysis

Basic Information

Icon
Hash: 0e8b7604a60e990c7780a1d232b5034b
Fuzzy: c46694c9aef3991de6ac61656abcd3fd
dHash: b231d99d39b275a6
Image Base 0x140000000
Entry Point 0x1400113a0
Compilation Time 2023-11-30 03:22:40
Checksum 0x00000000 (Actual: 0x012b566f)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path D:\a\_work\1\s\artifacts\obj\win-x64.Release\corehost\apphost\standalone\apphost.pdb
Digital Signature The PE file does not contain a certificate table.
Imports 12 libraries
Exports 0 functions
Resources 4 Resources
Sections 7 Sections

Version Information

Translation 0x0000 0x04b0
CompanyName Elsify
FileDescription Elsify
FileVersion 1.0.0.0
InternalName Elsify.dll
LegalCopyright
OriginalFilename Elsify.dll
ProductName Elsify
ProductVersion 1.0.0+0a6c67c47326efc059bdd10a7afcde47649696ec
Assembly Version 1.0.0.0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 92,572 bytes 92,672 bytes 6.37 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ B26731196FFE31654221197B0F2363D8
.rdata 0x00018000 38,374 bytes 38,400 bytes 4.49 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 80E8F3730D59A884FA444A5A4CAE1E7F
.data 0x00022000 6,224 bytes 2,560 bytes 2.35 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE CEF2198F2CEA5925D35DC0F186D7C9E0
.pdata 0x00024000 5,052 bytes 5,120 bytes 4.99 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 27474F8B98CB83913601CA67DDCEE197
_RDATA 0x00026000 500 bytes 512 bytes 4.19 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ C56B5592675740F8E9EC89070837B740
.reloc 0x00027000 792 bytes 1,024 bytes 4.70 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 8C0B631B1BF06E3A21B8F532673041EA
.rsrc 0x00028000 250,840 bytes 250,880 bytes 6.15 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ E350ACE72AF93E224338E1F17F6434F6

Resource Analysis

Total Resources: 4 (250,534 bytes)
Resource Type Count Total Size Percentage
RT_ICON 1 249,256 bytes
99.5%
RT_GROUP_ICON 1 20 bytes
0%
RT_VERSION 1 768 bytes
0.3%
RT_MANIFEST 1 490 bytes
0.2%

Certificate Chain Analysis

Certificate Information
Product Elsify
Description Elsify
File Version 1.0.0.0
Original Name Elsify.dll
Internal Name Elsify.dll
Certificate Chain Summary
Microsoft Corporation #1 Primary
Validity Period: 2023-03-16 18:43:28 → 2024-03-14 18:43:28
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 03 4D 4E 91 A6 1A 28 B0 78 8F 00 00 00 00 03 4D
Microsoft Code Signing PCA 2011 #2 Chain
Validity Period: 2011-07-08 20:59:09 → 2026-07-08 21:09:09
Signature Algorithm: sha256RSA
Serial Number: 61 0E 90 D2 00 00 00 00 00 03
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2022-09-20 20:22:09 → 2023-12-14 20:22:09
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 B4 FB 80 08 44 05 D2 2D FA 00 01 00 00 01 B4
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15
Microsoft Time-Stamp Service #5 Chain
Validity Period: 2023-05-25 19:12:05 → 2024-02-01 19:12:05
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 CD 55 07 2A E7 CA C1 99 1D 00 01 00 00 01 CD
Microsoft Corporation #6 Chain
Validity Period: 2023-03-16 18:43:29 → 2024-03-14 18:43:29
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 03 4E B5 3C 7A C1 84 6F EB 2B 00 00 00 00 03 4E
Microsoft Time-Stamp Service #7 Chain
Validity Period: 2023-05-25 19:12:08 → 2024-02-01 19:12:08
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 CE 0F 18 F7 45 97 E7 C6 FF 00 01 00 00 01 CE
DigiCert CS RSA4096 Root G5 #8 Chain
Validity Period: 2021-01-15 00:00:00 → 2046-01-14 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 06 CE E1 31 BE 6D 55 C8 07 F7 C0 C7 FB 44 E6 20
.NET Foundation Projects Code Signing CA2 #9 Chain
Validity Period: 2021-07-15 00:00:00 → 2031-07-14 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0A DE 32 E9 50 9B 44 AA 34 B1 DA F1 BC 0E C8 73
Json.NET (.NET Foundation) #10 Chain
Validity Period: 2021-08-13 00:00:00 → 2024-10-29 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0C D1 40 7A 5A BD ED 43 D5 C1 73 12 1D 38 C5 29
DigiCert Timestamp 2022 - 2 #11 Chain
Validity Period: 2022-09-21 00:00:00 → 2033-11-21 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0C 4D 69 72 4B 94 FA 3C 2A 4A 3D 29 07 80 3D 5A
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #12 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Trusted Root G4 #13 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A
.NET #14 Chain
Validity Period: 2023-05-11 19:03:32 → 2024-05-08 19:03:32
Signature Algorithm: sha384RSA
Serial Number: 33 00 00 03 7C C9 F6 BC ED 07 59 AE 08 00 00 00 00 03 7C
Microsoft Time-Stamp Service #15 Chain
Validity Period: 2023-05-25 19:12:18 → 2024-02-01 19:12:18
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 D1 B2 5B 40 28 6C 2E D2 45 00 01 00 00 01 D1

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware