home

03204a1a.exe

Windows Defender User Interface

BreakPoint Software, Inc.

It runs as a scheduled task under the Windows Task Scheduler named setup triggered to execute each time a user logs in.
Publisher:
Microsoft Corporation  (signed by BreakPoint Software, Inc.)

Product:
Microsoft® Windows® Operating System

Description:
Windows Defender User Interface

Version:
4.9.10586.494

MD5:
94e5e58a781cb7872df55b27e759be1f

SHA-1:
53b880adc4fadd79d8b284141f01e821b7634cba

SHA-256:
b7386c8fd9a226c3dbe299a31b6163fd7dac31e45d400f8d0bb3ed8046f48de3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/7/2025 8:29:33 PM UTC  (today)

File size:
340.1 KB (348,288 bytes)

Product version:
4.9.10586.494

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
MSASCUI.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\03204a1a.exe

Digital Signature
Signed by:
BreakPoint Software, Inc.

Authority:
Thawte, Inc.

Valid from:
10/17/2013 3:30:00 AM

Valid to:
10/18/2015 3:29:59 AM

Subject:
CN="BreakPoint Software, Inc.", OU=SECURE APPLICATION DEVELOPMENT, O="BreakPoint Software, Inc.", L=Wayland, S=Massachusetts, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
0AC3CF34686D1BFF5FC6519BD737B0C5

File PE Metadata
Compilation timestamp:
8/21/2016 2:39:45 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:gJEmceDVH1i4Lzh4SWTW9Ks+irTOOiNy8lPqmV//eNxy/toJG1aw+:0ES5H1xzhVQWEs+cTOblPwbDG1aw+

Entry address:
0x54A7E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.4146

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
331 KB (338,944 bytes)

Scheduled Task
Task name:
setup

Path:
\Update\setup

Trigger:
Logon (Runs on logon)


Scan 03204a1a.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.