KeePass.exe
- File Path:
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
- Description: KeePass
- Comments: KeePass Password Safe
Screenshot
Hashes
| Type |
Hash |
| MD5 |
961DFBEE4C1C386665D4BB29F0A49441 |
| SHA1 |
B011C8DCBE990C5A835BDDCC01DE793090B35480 |
| SHA256 |
88E405FB55ACE99ABA86F1498448EB4AC815EF957AC947FD8A23F264782A5E33 |
| SHA384 |
B56A06BA7BF68E73DC3811D64DD9B2E7B76C24FB87560396FD996136409B5812EC8C84106830FA2E56A98867353349A9 |
| SHA512 |
55D92B1570B2EECF3BE9E39373CEB6C3B24AE7D6E28D215BFFAFDEFFEA0DF27EC5D1D1A0995CDD8A110D152C32957A62E384CCFFA7AB05D62D5D166B3E763283 |
| SSDEEP |
49152:xrcbPl1xttuelS6RsOklw94Vh3GNhbNfvioK:xr8PV/uelS6uzF |
| IMP |
F34D5F2D4577ED6D9CEEC516C1F5A744 |
| PESHA1 |
F301560F9D35D112E2FAFBCF10BE0A29584C862B |
| PE256 |
CD30A745644C598C4FBB42CB6F32F05ABDD1C47B56B073B29C92352E896CB1C4 |
Runtime Data
Open Handles:
| Path |
Type |
| (R-D) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe |
File |
| (R-D) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.XmlSerializers.dll |
File |
| (R-D) C:\Windows\Fonts\StaticCache.dat |
File |
| (R-D) C:\Windows\System32\en-US\user32.dll.mui |
File |
| (R-D) C:\Windows\System32\en-US\winnlsres.dll.mui |
File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21 |
File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_faefa4f37613d18e |
File |
| (RW-) C:\xCyclopedia |
File |
| (RWD) C:\Windows\Fonts\micross.ttf |
File |
| ...\Cor_SxSPublic_IPCBlock |
Section |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\Cor_Private_IPCBlock_v4_612 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \Sessions\1\BaseNamedObjects\1DefaultTIPSharedMemory |
Section |
| \Sessions\1\BaseNamedObjects\264HWNDInterface:50066a |
Section |
| \Sessions\1\BaseNamedObjects\264HWNDInterface:980756 |
Section |
| \Sessions\1\BaseNamedObjects\windows_shell_global_counters |
Section |
| \Sessions\1\Windows\Theme2547664911 |
Section |
| \Windows\Theme3854699184 |
Section |
Loaded Modules:
| Path |
| C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe |
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll |
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll |
| C:\Windows\System32\ADVAPI32.dll |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\SYSTEM32\kernel.appcore.dll |
| C:\Windows\System32\KERNEL32.dll |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\MSCOREE.DLL |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\SHLWAPI.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\SYSTEM32\VERSION.dll |
| C:\Windows\System32\win32u.dll |
Signature
- Status: Signature verified.
- Serial:
57E66F7FA80DDA7E5D403D6863548CC6
- Thumbprint:
3B82AC8D746DF6E395B76EC1BDC27CE25793D73B
- Issuer: CN=Certum Code Signing CA SHA2, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL
- Subject: E=cert@dominik-reichl.de, CN=”Open Source Developer, Dominik Reichl”, O=Open Source Developer, L=Metzingen, C=DE
- Original Filename: KeePass.exe
- Product Name: KeePass
- Company Name: Dominik Reichl
- File Version: 2.46.0.0
- Product Version: 2.46.0.0
- Language: Language Neutral
- Legal Copyright: Copyright 2003-2020 Dominik Reichl
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/88e405fb55ace99aba86f1498448eb4ac815ef957ac947fd8a23f264782a5e33/detection/
File Similarity (ssdeep match)
Possible Misuse
The following table contains possible examples of KeePass.exe being misused. While KeePass.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
MIT License. Copyright (c) 2020-2021 Strontic.