» gdiplus.dll
Overview
Analysis
File Details

gdiplus.dll

Microsoft GDI+

Landmark Information Group

File name:

gdiplus.dll

Publisher:

Microsoft Corporation (signed by Landmark Information Group)

Product:

Microsoft® Windows® Operating System

Description:

Microsoft GDI+

Version:

5.1.3102.1360 (xpsp2.040109-1800)

MD5:

dc35679f9d977002930bf59b6db2a803

SHA-1:

c68a93236fc5db7d0e4f1bd10bf361479861871c

SHA-256:

5f9ffef42b46178b598651a625edf40a74efce6afa4dca6ee18440f4645973f8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/2/2024 6:04:26 PM UTC (today)

File size:

1.6 MB (1,644,232 bytes)

Product version:

5.1.3102.1360

Original file name:

gdiplus

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\gdiplus.dll

Digital Signature

Signed by:

Landmark Information Group

Authority:

thawte, Inc.

Valid from:

1/18/2016 12:00:00 AM

Valid to:

2/4/2017 11:59:59 PM

Subject:

CN=Landmark Information Group, O=Landmark Information Group, L=Exeter, S=Devon, C=GB

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

1C00F7CB597C054683C07FF1F76B84FF

File PE Metadata

Compilation timestamp:

3/2/2004 5:38:12 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

7.0

Entry address:

0x351FC

Entry point:

55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 85, F6, 57, 8B, 7D, 10, 0F, 84, 48, E0, 04, 00, 83, FE, 01, 75, 43, A1, 6C, C6, E6, 70, 85, C0, 0F, 85, 42, E0, 04, 00, 57, 56, 53, E8, E8, 00, 00, 00, 85, C0, 0F, 84, 3F, E0, 04, 00, 57, 56, 53, E8, 67, FF, FF, FF, 83, FE, 01, 89, 45, 0C, 0F, 85, 3A, E0, 04, 00, 85, C0, 0F, 84, 2A, E0, 04, 00, 8B, 45, 0C, 5F, 5E, 5B, 5D, C2, 0C, 00, 83, FE, 02, 75, D5, EB, B6, 8B, 45, 08, 85, C0, 74, 03, 83, 20, 00, FF, 03, 5F, 5B, C9, C3, 55, 8B, EC, 51, 51, 53, 56, 57, 33, FF... 
[+]

Entropy:

6.7867

Developed / compiled with:

Microsoft Visual C++

Code size:

1.4 MB (1,482,752 bytes)

Scan gdiplus.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.