Gridinsoft Logo
File Icon

The geph-windows-setup-1.exe File Analysis

Updated 12 days ago
Checked by Malware Check
geph-windows-setup-1.exe

Technical Analysis

File Name geph-windows-setup-1.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.219.174
Database Version 2025-06-29 14:00:29 UTC
āœ“

Clean File

No threats detected by our scanner

0%
Detection Rate
8,666,880
File Size (bytes)
2025-06-29
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
eaaac56d81947ef6dc50aaa9fa84d0c3
SHA1
56bcec2fe144056d81f6e1932845d29640911f6f
SHA256
ef654cb5ec327db224df66dad0a3e4fe25c4a7eb38152d1e42bb9af2e78983e9
SHA512
e23d36960da4d9e5472f456a886ae648c3aa0742fbe8033a550e9330c6cda3c0f617ffbfcb84d84067ab2165ff569aac764e2fb799a3b79511f6c031549f72bf
ImpHash
5a594319a0d69dbc452e748bcf05892e

PE Analysis

Basic Information

ā–¼
Icon
Hash: a0ef7c81eee20e999575764306184ccf
Fuzzy: 8341e53a6f1047f3c936b4d36dc8f542
dHash: 5050d274ccec82ae
Image Base 0x00400000
Entry Point 0x004b5eec
Compilation Time 2021-06-03 08:09:11
Checksum 0x0084a2e6 (Actual: 0x0084a2e6)
OS Version 6.1
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature OK
Imports 7 libraries
kernel32, comctl32, version, user32, oleaut32, netapi32, advapi32
Exports 3 functions
Resources 30 Resources
Sections 10 Sections

Version Information

ā–¼
Comments This installation was built with Inno Setup.
CompanyName Gephyra OƜ
FileDescription
FileVersion
LegalCopyright
OriginalFileName
ProductName
ProductVersion v5.1.0
Translation 0x0000 0x04b0

PE Sections

ā–¼
Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 734,748 bytes 735,232 bytes 6.36 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ AD6E46E3A3ACDB533EB6A077F6D065AF
.itext 0x000b5000 5,768 bytes 6,144 bytes 5.97 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ D40FC822339D01F2ABCC5493AC101C94
.data 0x000b7000 14,244 bytes 14,336 bytes 5.04 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4C195D5591F6D61265DF08A3733DE3A2
.bss 0x000bb000 28,136 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.idata 0x000c2000 3,894 bytes 4,096 bytes 4.90 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE A73D686F1E8B9BB06EC767721135E397
.didata 0x000c3000 420 bytes 512 bytes 2.76 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 41B8CE23DD243D14BEEBC71771885C89
.edata 0x000c4000 154 bytes 512 bytes 1.87 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 37C1A5C63717831863E018C0F51DABB7
.tls 0x000c5000 24 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rdata 0x000c6000 93 bytes 512 bytes 1.38 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 8F2F090ACD9622C88A6A852E72F94E96
.rsrc 0x000c7000 69,120 bytes 69,120 bytes 3.71 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 928B92D9ECDD9A8A827AAF31CCAA269A

Resource Analysis

ā–¼
Total Resources: 30 (67,411 bytes)
Resource Type Count Total Size Percentage
RT_ICON 13 55,173 bytes
81.8%
RT_STRING 11 8,040 bytes
11.9%
RT_RCDATA 3 768 bytes
1.1%
RT_GROUP_ICON 1 188 bytes
0.3%
RT_VERSION 1 1,412 bytes
2.1%
RT_MANIFEST 1 1,830 bytes
2.7%

Certificate Chain Analysis

ā–¼
Certificate Information
Verification Status Signed
Signers Open Source Developer, Yu Hao Dong; Certum Code Signing 2021 CA; Certum Trusted Network CA 2
Certificate Chain Summary
Certum Code Signing 2021 CA #1 Primary
Validity Period: 2021-05-19 05:32:18 ā†’ 2036-05-18 05:32:18
Signature Algorithm: sha384RSA
Serial Number: 99 A3 80 0A 26 55 3B 65 AB DC 6E 84 A6 B3 EA 39
Open Source Developer, Yu Hao Dong #2 Chain
Validity Period: 2024-09-06 15:20:52 ā†’ 2025-09-06 15:20:51
Signature Algorithm: sha256RSA
Serial Number: 62 6B FE DB 0B 74 47 FE EF 5A E4 8B D1 BB 91 0E

āœ“ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware