Gridinsoft Logo
File Icon

The rootsupd_ae7ade3286a32c93abde0187cf94fed49de73e48.exe (Win32 Cabinet Self-Extractor ) File Analysis

Updated 3 months ago
Checked by Malware Check
rootsupd_ae7ade3286a32c93abde0187cf94fed49de73e48.exe

Technical Analysis

File Name rootsupd_ae7ade3286a32c93abde0187cf94fed49de73e48.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows, MS CAB-Installer self-extracting archive
Scanner Version 1.0.214.174
Database Version 2025-04-20 00:00:20 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
319,384
File Size (bytes)
2025-04-20
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
513252738034cdb7c101a73d92e116a6
SHA1
ae7ade3286a32c93abde0187cf94fed49de73e48
SHA256
e6ab09822e9109fca859573209e3ed7d2e3795825bb73288192dcdfb3d0e6f3b
SHA512
dc7a4dd0723165233e69ae5138069985779771510862339590a7b51088dd86b22900cb56dbe94eb09acaf691fbaf29aded4161038b8ad1e541e068978a9bfd87
ImpHash
1494de9b53e05fc1f40cb92afbdd6ce4

PE Analysis

Basic Information

Icon
Hash: e8da5abe9752f0a27e183894c8881ac0
Fuzzy: c5dace78993d50eaedeb05b7c48ce608
dHash: 848c5454baf47474
Image Base 0x01000000
Entry Point 0x01005a5e
Compilation Time 2001-08-18 01:42:57
Checksum 0x0005d701 (Actual: 0x0005d701)
OS Version 5.1
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows, MS CAB-Installer self-extracting archive
PDB Path wextract.pdb
Digital Signature OK
Imports 6 libraries
ADVAPI32, KERNEL32, GDI32, USER32, COMCTL32, VERSION
Exports 0 functions
Resources 31 Resources
Sections 3 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription Win32 Cabinet Self-Extractor
FileVersion 6.00.2600.0000
InternalName Wextract
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename WEXTRACT.EXE
ProductName Microsoft® Windows® Operating System
ProductVersion 6.00.2600.0000
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 34,330 bytes 34,816 bytes 6.55 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 43984BE5CB414E4634DB17CAA4D1C30B
.data 0x0000a000 7,140 bytes 1,024 bytes 4.18 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 730893B14FC930A187215E7FB53BC0A5
.rsrc 0x0000c000 278,528 bytes 276,480 bytes 7.79 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A13CCE8F1B994A62D464F0105C447319
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 31 (274,418 bytes)
Resource Type Count Total Size Percentage
AVI 1 11,802 bytes
4.3%
RT_ICON 2 1,040 bytes
0.4%
RT_DIALOG 6 2,356 bytes
0.9%
RT_STRING 6 6,208 bytes
2.3%
RT_RCDATA 14 251,954 bytes
91.8%
RT_GROUP_ICON 1 34 bytes
0%
RT_VERSION 1 1,024 bytes
0.4%

Certificate Chain Analysis

Certificate Information
Product Microsoft® Windows® Operating System
Description Win32 Cabinet Self-Extractor
File Version 6.00.2600.0000
Original Name WEXTRACT.EXE
Signing Date 07:40 PM 08/25/2009 (5812 days ago)
Verification Status Signed
Signers Microsoft Corporation; Microsoft Code Signing PCA; Microsoft Root Authority
Counter Signers Microsoft Timestamping Service; Microsoft Timestamping PCA; Microsoft Root Authority
Internal Name Wextract
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
Microsoft Code Signing PCA #1 Primary
Validity Period: 2007-08-22 22:31:02 → 2012-08-25 07:00:00
Signature Algorithm: 1.3.14.3.2.29
Serial Number: 2E AB 11 DC 50 FF 5C 9D CB C0
Microsoft Corporation #2 Chain
Validity Period: 2008-10-22 21:24:55 → 2010-01-22 21:34:55
Signature Algorithm: sha1RSA
Serial Number: 61 06 27 81 00 00 00 00 00 08
Microsoft Timestamping Service #3 Chain
Validity Period: 2006-09-16 01:55:22 → 2011-09-16 02:05:22
Signature Algorithm: sha1RSA
Serial Number: 61 49 7C ED 00 00 00 00 00 05
Microsoft Timestamping PCA #4 Chain
Validity Period: 2006-09-16 01:04:47 → 2019-09-15 07:00:00
Signature Algorithm: sha1RSA
Serial Number: 6A 0B 99 4F C0 00 25 AB 11 DB 45 1F 58 7A 67 A2

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware