Gridinsoft Logo

The gdiplus.dll (Microsoft GDI+) File Analysis

Updated 2 months ago
Checked by Malaware Check
gdiplus.dll

Technical Analysis

File Name gdiplus.dll
File Type
PE32 executable (DLL) (console) Intel 80386, for MS Windows
Scanner Version 1.0.212.174
Database Version 2025-04-05 02:00:38 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
1,645,320
File Size (bytes)
2025-04-05
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
871c903a90c45ca08a9d42803916c3f7
SHA1
d962a12bc15bfb4c505bb63f603ca211588958db
SHA256
f1da32183b3da19f75fa4ef0974a64895266b16d119bbb1da9fe63867dba0645
SHA512
985b0b8b5e3d96acfd0514676d9f0c5d2d8f11e31f01acfa0f7da9af3568e12343ca77f541f55edda6a0e5c14fe733bda5dc1c10bb170d40d15b7a60ad000145
ImpHash
2a1ab6b72adad6b03d0746b0a5fa55d6

PE Analysis

Basic Information

Image Base 0x70d00000
Entry Point 0x70d351fc
Compilation Time 2004-03-02 17:38:12
Checksum 0x001a0d2e (Actual: 0x001a0d2e)
OS Version 5.1
PEiD Signatures PE32 executable (DLL) (console) Intel 80386, for MS Windows
PDB Path MicrosoftWindowsGdiPlus-1.0.2600.1360-gdiplus.pdb
Digital Signature OK
Imports 5 libraries
KERNEL32, USER32, GDI32, ole32, ADVAPI32
Exports 609 functions
Resources 3 Resources
Sections 5 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription Microsoft GDI+
FileVersion 5.1.3102.1360 (xpsp2.040109-1800)
InternalName gdiplus
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename gdiplus
ProductName Microsoft® Windows® Operating System
ProductVersion 5.1.3102.1360
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 1,479,790 bytes 1,482,752 bytes 6.77 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ B08D048681EDFA5B9362EDD7719C2A5C
.data 0x0016b000 41,560 bytes 40,960 bytes 4.55 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BA9755275E94088509342306D58E62B0
Shared 0x00176000 3,528 bytes 4,096 bytes 2.44 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 3237F20954680D5B09E277883A0EC64E
.rsrc 0x00177000 72,120 bytes 73,728 bytes 6.59 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B70584501E8859E0A0A82C5897B149F0
.reloc 0x00189000 29,588 bytes 32,768 bytes 6.33 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 4178FA3314698EB0E2DBDB1E8AAAF7EF
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 3 (71,854 bytes)
Resource Type Count Total Size Percentage
SIAMDB 2 70,982 bytes
98.8%
RT_VERSION 1 872 bytes
1.2%

Certificate Chain Analysis

Certificate Information
Product Microsoft® Windows® Operating System
Description Microsoft GDI+
File Version 5.1.3102.1360 (xpsp2.040109-1800)
Original Name gdiplus
Signing Date 06:52 PM 05/04/2004 (7703 days ago)
Verification Status Signed
Signers Microsoft Windows XP Publisher; Microsoft Windows Verification Intermediate PCA; Microsoft Root Authority
Counter Signers VeriSign Time Stamping Services Signer; VeriSign Time Stamping Services CA; Thawte Timestamping CA
Internal Name gdiplus
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
VeriSign Time Stamping Services CA #1 Primary
Validity Period: 2003-12-04 00:00:00 → 2013-12-03 23:59:59
Signature Algorithm: sha1RSA
Serial Number: 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
VeriSign Time Stamping Services Signer #2 Chain
Validity Period: 2003-12-04 00:00:00 → 2008-12-03 23:59:59
Signature Algorithm: sha1RSA
Serial Number: 0D E9 2B F0 D4 D8 29 88 18 32 05 09 5E 9A 76 88
Microsoft Root Authority #3 Chain
Validity Period: 1997-01-10 07:00:00 → 2020-12-31 07:00:00
Signature Algorithm: md5RSA
Serial Number: C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Microsoft Windows Verification Intermediate PCA #4 Chain
Validity Period: 1999-07-01 07:00:00 → 2005-10-15 07:00:00
Signature Algorithm: md5RSA
Serial Number: 6A 0B 99 4F C0 00 9D AA 11 D3 30 A8 95 60 AC FA
Microsoft Windows XP Publisher #5 Chain
Validity Period: 2003-06-30 23:22:43 → 2004-08-30 23:32:43
Signature Algorithm: sha1RSA
Serial Number: 61 06 51 3F 00 00 00 00 00 35

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware