» gdiplus.dll
Overview
Analysis
File Details
Downloads (2)

gdiplus.dll

Microsoft GDI+

Microsoft Corporation

File name:

gdiplus.dll

Publisher:

Microsoft Corporation

Product:

Microsoft® Windows® Operating System

Description:

Microsoft GDI+

Version:

5.2.3790.0 (srv03_rtm.030324-2048)

MD5:

9ce542555dd00a6481ae373c522da5bf

SHA-1:

e3c3db3754861c69dae502ca55be3c157a589ba0

SHA-256:

277245c7085a082d5f57f50c676c96ecfc742ea606f8cf83f5acbd9bcab6aa63

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/15/2024 6:27:57 PM UTC (today)

File size:

1.7 MB (1,748,992 bytes)

Product version:

5.2.3790.0

Original file name:

gdiplus

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\estsoft\alsee\gdiplus.dll

File PE Metadata

Compilation timestamp:

3/25/2003 6:43:32 PM

OS version:

5.2

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

7.10

CTPH (ssdeep):

24576:Nfmr/6FKVdSmvluGvomb5xDxZdjml1iGrgOj0gRd3DMthYDucRDoMmdFdp9g+7mf:NOrCFObvlF9b5pdjCIGPAWZiYD0SFCP

Entry address:

0x1A41

Entry point:

55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 85, F6, 57, 8B, 7D, 10, 0F, 84, AC, 9F, 01, 00, 83, FE, 01, 0F, 85, AF, 9F, 01, 00, A1, 2C, 70, E4, 70, 85, C0, 0F, 85, 19, D1, 07, 00, 57, 56, 53, E8, CC, FE, FF, FF, 85, C0, 0F, 84, 16, D1, 07, 00, 57, 56, 53, E8, 23, 00, 00, 00, 83, FE, 01, 89, 45, 0C, 0F, 85, 97, 9F, 01, 00, 85, C0, 0F, 84, 01, D1, 07, 00, 8B, 45, 0C, 5F, 5E, 5B, 5D, C2, 0C, 00, 90, 90, 90, 90, 90, 6A, 08, 68, 80, A2, D1, 70, E8, 24, FE, FF, FF, 33, F6, 46, 8B, 45, 0C, 83, E8, 00, 0F, 84, 47... 
[+]

Entropy:

6.8244

Developed / compiled with:

Microsoft Visual C++

Code size:

1.5 MB (1,597,440 bytes)

The file gdiplus.dll has been seen being distributed by the following 2 URLs.

http://www.alseeonline.co.kr/.../gdiplus.dll

http://www.alseeonline.co.kr/dll/.../gdiplus.dll

Scan gdiplus.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.