Gridinsoft Logo
File Icon

The 圣诞烟花秀.exe File Analysis

Updated 16 days ago
Checked by Malware Check
圣诞烟花秀.exe

Technical Analysis

File Name 圣诞烟花秀.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.231.174
Database Version 2025-12-26 05:00:38 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
3,295,232
File Size (bytes)
2025-12-26
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
3fefc2fc515e06f356178d40dee4db92
SHA1
e908f52b6c2202cb12ba521bfabcd211f6fca15f
SHA256
efbef8c971dfa27e5d267f5330c6544683594ae9f3a80b457a957408c469f737
SHA512
ecba9f6557e7c752e2443d13918e6142b7480b8a8b19b98e58b4cab602b5e96cb7e32a84b6a586b90185b1f5e1681af3b85567876f08cf281547978a144767b4
ImpHash
be44cc2426786a8ca3a78be88ec02586

PE Analysis

Basic Information

Icon
Hash: 153216873e95a52853ef381ba02f3d7a
Fuzzy: 9b3ad8933c8d3d34518f4b93933eebc9
dHash: dcdccec4e4f0d0d4
Image Base 0x00400000
Entry Point 0x0047b664
Compilation Time 1992-06-19 22:22:17
Checksum 0x00000000 (Actual: 0x003257f0)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 8 libraries
kernel32, user32, advapi32, oleaut32, version, gdi32, comctl32, shell32
Exports 0 functions
Resources 353 Resources
Sections 8 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
CODE 0x00001000 501,484 bytes 501,760 bytes 6.58 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 49F28A7F2D49CBD97DD13CCD3EF74DA1
DATA 0x0007c000 13,264 bytes 13,312 bytes 4.89 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 29B9353FA474E5D8036066831A795B5C
BSS 0x00080000 4,157 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.idata 0x00082000 8,884 bytes 9,216 bytes 4.92 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE AD5DF48DCA749243CD4FA46FFE42D33C
.tls 0x00085000 16 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rdata 0x00086000 24 bytes 512 bytes 0.21 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 4477A95C3D23EA19C32C7BD26AC896FE
.reloc 0x00087000 30,360 bytes 30,720 bytes 6.66 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 0291933310EACA95662A03D7F948FE0B
.rsrc 0x0008f000 2,738,608 bytes 2,738,688 bytes 7.90 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ F90D88EF0CB4124196A54B4B1B46AE72
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 353 (2,717,067 bytes)
Resource Type Count Total Size Percentage
RT_CURSOR 7 2,156 bytes
0.1%
RT_BITMAP 13 5,196 bytes
0.2%
RT_ICON 2 10,768 bytes
0.4%
RT_DIALOG 1 58 bytes
0%
RT_STRING 18 13,188 bytes
0.5%
RT_RCDATA 303 2,684,871 bytes
98.8%
RT_GROUP_CURSOR 7 140 bytes
0%
RT_GROUP_ICON 1 34 bytes
0%
RT_MANIFEST 1 656 bytes
0%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware