Gridinsoft Logo

The dwmapi.dll (Microsoft Desktop Window Manager API) File Analysis

Updated 1 month ago
Checked by Malware Check
dwmapi.dll

Technical Analysis

File Name dwmapi.dll
File Type
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Scanner Version 1.0.229.174
Database Version 2025-11-23 16:00:25 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
191,512
File Size (bytes)
2025-11-23
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
9507c9c1fe9b6cba3762bedb7848ab45
SHA1
c7d7c27c7ee4766ed0a798ff0587c98aa9ef3a8f
SHA256
ef70f51288f8d5e42243583446d862ddfcb05829f2150c32bf644e4449d85416
SHA512
08621ed9fc34ce3879cc2e97a07e7984ad0471c0aa2b15b965aaf8e9f76e416ee2dc93fdb25a40f58b71b34b203d5800bfcd57821dacd51924954e003c398dcf
ImpHash
5ad01b8c958ae1f971d3409dbcb583f6

PE Analysis

Basic Information

Image Base 0x180000000
Entry Point 0x180009650
Compilation Time 2055-11-06 12:37:19
Checksum 0x00031c43 (Actual: 0x00031c43)
OS Version 10.0
PEiD Signatures PE32+ executable (DLL) (GUI) x86-64, for MS Windows
PDB Path dwmapi.pdb
Digital Signature OK
Imports 31 libraries
Exports 112 functions
Resources 4 Resources
Sections 8 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription Microsoft Desktop Window Manager API
FileVersion 10.0.26100.7019 (WinBuild.160101.0800)
InternalName dwmapi.dll
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename dwmapi.dll
ProductName Microsoft® Windows® Operating System
ProductVersion 10.0.26100.7019
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 101,424 bytes 102,400 bytes 6.18 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6C0A639F1783E92301419BB6B8643220
fothk 0x0001a000 4,096 bytes 4,096 bytes 0.02 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 66E3532F1114152456E11308F2EBE4CC
.rdata 0x0001b000 26,952 bytes 28,672 bytes 4.86 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 11642123CC8F20FA84225C777A2DD55D
.data 0x00022000 16,864 bytes 4,096 bytes 0.71 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE E80275569F4F73A180081DC0185BC625
.pdata 0x00027000 6,540 bytes 8,192 bytes 4.33 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 69FAB9EE30AB9E80F2BE6DFCD9A443AC
.didat 0x00029000 56 bytes 4,096 bytes 0.05 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE E640533F0EC9552FB53200FBAC8C3BDE
.rsrc 0x0002a000 16,736 bytes 20,480 bytes 3.45 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D4D97197E444D689629E74F3C695779B
.reloc 0x0002f000 416 bytes 4,096 bytes 0.79 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 4C75467DD47908EC16E8058AD8CB75DC

Resource Analysis

Total Resources: 4 (16,372 bytes)
Resource Type Count Total Size Percentage
MUI 1 232 bytes
1.4%
WEVT_TEMPLATE 1 14,034 bytes
85.7%
RT_VERSION 1 952 bytes
5.8%
RT_MANIFEST 1 1,154 bytes
7%

Certificate Chain Analysis

Certificate Information
Product Microsoft® Windows® Operating System
Description Microsoft Desktop Window Manager API
File Version 10.0.26100.7019 (WinBuild.160101.0800)
Original Name dwmapi.dll
Signing Date 05:19 AM 10/24/2025 (77 days ago)
Verification Status Signed
Signers Microsoft Windows; Microsoft Windows Production PCA 2011; Microsoft Root Certificate Authority 2010
Counter Signers Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010
Internal Name dwmapi.dll
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
Microsoft Windows #1 Primary
Validity Period: 2025-06-19 18:11:44 → 2026-06-17 18:11:44
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 05 19 DA DD AA 8B DC 44 B2 92 00 00 00 00 05 19
Microsoft Windows Production PCA 2011 #2 Chain
Validity Period: 2011-10-19 18:41:42 → 2026-10-19 18:51:42
Signature Algorithm: sha256RSA
Serial Number: 61 07 76 56 00 00 00 00 00 08
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2025-01-30 19:42:47 → 2026-04-22 19:42:47
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 02 04 D8 E0 0E 07 97 32 58 98 00 01 00 00 02 04
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware