home

filever.exe

Microsoft Version Resource Dump Utility

Microsoft Corporation

Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
Microsoft Version Resource Dump Utility

Version:
6.0.4005.0 (Lab01_N(bryant).030124-2026)

MD5:
054e8875546131d8f8566635aed099ec

SHA-1:
c5283e3b68c79aff2664089b5b110da2c93e115d

SHA-256:
4fb5288fff28a131c792e38a11708c6a133dda3f009d11ee2a79d124d44cb9be

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 7:30:30 AM UTC  (today)

File size:
17 KB (17,408 bytes)

Product version:
6.0.4005.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
filever.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\windows\temp\statestore\usmt\file\c$\work\cxcache\corext.tools.1.0.8\amd64\filever.exe

File PE Metadata
Compilation timestamp:
2/3/2003 3:22:30 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
384:SwTe0mhUKFOq/DnW1mfQoOCm3fDOjXDQwO+PT8q6+wZncVDCJ9jvEUNWkWfaW:1kheWswdPoq31CJ9jGf

Entry address:
0x3A40

Entry point:
48, 83, EC, 78, 48, 89, 5C, 24, 70, 48, 89, 7C, 24, 68, E8, 7D, FF, FF, FF, 8B, F8, 89, 44, 24, 3C, B9, 01, 00, 00, 00, FF, 15, 1C, D7, FF, FF, 48, C7, C0, FF, FF, FF, FF, 48, 89, 05, 96, 19, 00, 00, 48, 89, 05, 97, 19, 00, 00, 48, 8B, 15, F8, D6, FF, FF, 8B, 0D, 7A, 19, 00, 00, 89, 0A, 48, 8B, 0D, 21, D7, FF, FF, 8B, 05, 67, 19, 00, 00, 89, 01, E8, 14, FF, FF, FF, 83, 3D, 45, 19, 00, 00, 00, 75, 0D, 48, 8D, 0D, 34, 01, 00, 00, FF, 15, B6, D6, FF, FF, 48, 8D, 15, 27, D7, FF, FF, 48, 8D, 0D, 18, D7, FF, FF...
 
[+]

Entropy:
5.1662

Code size:
13 KB (13,312 bytes)

Scan filever.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.