home

dumpwm.exe

Micro Systemation AB

This file is installed with the program Micro Systemation Forensic Pack.
Publisher:
Micro Systemation AB  (signed and verified)

MD5:
3b847fd2005ba9a7b52f8b5918f149b7

SHA-1:
c7f9e146b45d28532a936d77296e6a6989efd74f

SHA-256:
b53fd6c67e75d21697c8386a06aabe9dcc52e3ec2c5f946f47253383df057f77

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 5:59:37 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro
PAK_Generic.001
10.465.14

File size:
21.3 KB (21,816 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\micro systemation\forensic pack\agents\dumpwm.exe

Digital Signature
Signed by:
Micro Systemation AB

Authority:
Microsoft Corporation

Valid from:
1/20/2010 12:56:22 PM

Valid to:
1/18/2020 7:29:05 PM

Subject:
CN=CodeSigning for Micro Systemation AB, OU=Microsoft Normal, O=Micro Systemation AB, L=Solna, S=Stockholm, C=SE

Issuer:
CN=VeriSign Authorized Code Signing (Unprivileged) CA for Microsoft, O=Microsoft Corporation, C=US

Serial number:
42F1

File PE Metadata
Compilation timestamp:
1/20/2010 12:51:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
384:8VF7qT5TVQp6DT134UIXerv64jNNmNQcH1uBAKR:YxqT5TVekv1pN1YuBR

Entry address:
0xBA50

Entry point:
FF, 4F, 2D, E9, 2C, 30, 8F, E2, E0, 1E, 93, E8, 01, 5A, 8F, E2, 00, 60, 97, E5, 01, 7A, 87, E2, 05, 00, 57, E1, FB, FF, FF, 9A, 35, 40, 8F, E2, 0F, E0, A0, E1, 14, FF, 2F, E1, FF, 4F, BD, E8, 20, C0, 9F, E5, 1C, FF, 2F, E1, 00, 80, 40, 00, 50, 3A, 00, 00, 00, 10, 40, 00, 75, 92, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 9C, 68, 40, 00, 07, CB, 91, 46, 64, 46, 10, B5, 08, A7, 78, CF, 6F, 46, 6C, 44, 00, 21, 02, B4, A5, 45, FC, D1, 1C, B4, 23, 1D, 2A, 1C, 81, 1C, 18, 1D, 06, 60...
 
[+]

Code size:
17 KB (17,408 bytes)

The file dumpwm.exe has been discovered within the following programs.

Micro Systemation Forensic Pack  by Micro Systemation AB
www.msab.com
About 5% of users remove it
WinPhone8SDK
About 6% of users remove it
 
Powered by Should I Remove It?

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.