gdi32.dll

GDI Client DLL

Microsoft Corporation

The GDI32 library exports Graphics Device Interface (GDI) functions that applications use for drawing, text output, and font management. It is installed with Windows 7 as a General Distribution Release (GDR) as part of a Hotfix. The file has been seen being downloaded from gsz-ao.sourceforge.net.
Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
GDI Client DLL

 
Part of the Windows 7 (with Service Pack 1) Operating System

Version:
6.1.7601.18577 (win7sp1_gdr.140822-1508)

MD5:
980305ac3af53c1964a11190451abb32

SHA-1:
b4c8197b2289ad633d6d9814013c97dab20899be

SHA-256:
d0fe0845f9fb51b1f556e3a1d327f30603033a1fafc17dfa3d5047b93c7d4d82

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:
11/24/2024 6:50:52 AM UTC

File size:
304.5 KB (311,808 bytes)

Product version:
6.1.7601.18577

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
gdi32

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\syswow64\gdi32.dll

File PE Metadata
Compilation timestamp:
8/23/2014 3:45:55 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
6144:3ed3eUoedRwoYbcrCi9YAykxZT3VaMdz5oKbR96K5vNJy/czq:3eleN0RwoYbcrnHxZTFaQ55b+KNNJyo

Entry address:
0x16343

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 0E, FF, 75, 08, FF, 15, 10, 01, AC, 7D, E8, C0, 02, 00, 00, 33, C0, 40, 5D, C2, 0C, 00, 90, 90, 90, 90, 90, 8B, FF, 55, 8B, EC, 57, 33, FF, E8, 51, 00, 00, 00, 8B, 45, 0C, 2B, C7, 0F, 84, F4, 01, 00, 00, 48, 75, 37, E8, C2, 02, 00, 00, 83, F8, 01, 0F, 85, 45, A0, 01, 00, E8, D2, 02, 00, 00, 6A, 12, 8B, F8, E8, 19, EB, FF, FF, 6A, 13, A3, 24, 01, B1, 7D, E8, 0D, EB, FF, FF, A3, 20, 01, B1, 7D, C7, 05, 14, 00, B1, 7D, 01, 00, 00, 00, 8B, C7, 5F, 5D, C2, 08, 00, 90, 90...
 

Code size:
292.5 KB (299,520 bytes)

The file gdi32.dll has been seen being distributed by the following URL.