home

MovieMaker.EXE

Windows Live Movie Maker

Microsoft Corporation

It runs as a scheduled task under the Windows Task Scheduler. This is installed with Windows Live Essentials. The file has been seen being downloaded from download1517.mediafire.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Windows Live™ Movie Maker

Description:
Windows Live Movie Maker

Version:
15.4.3555.0308_ship.wlx.w4m4 (ship)

MD5:
82e53ec685889ad8cfb3ad812a906489

SHA-1:
e203350ab83d4d56ae69835b53de5c3085510cd4

SHA-256:
f5cbe9c70e5d16f9cf82ce8134392225a8f8a764fbc866027314e1d3048aab37

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/26/2024 8:42:03 AM UTC  (today)

File size:
108.9 KB (111,472 bytes)

Product version:
15.4.3555.0308

Copyright:
© 2010 Microsoft Corporation. All rights reserved.

Original file name:
MovieMaker.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\windows live\photo gallery\moviemaker.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
2/21/2011 11:53:12 PM

Valid to:
5/21/2012 11:53:12 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6101B29B000000000015

File PE Metadata
Compilation timestamp:
3/9/2012 5:32:23 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:VRHexvkDmgInw68SsY/49MML9KbmyjMVdfvghL1UHHEGK5G1nMs7m6FrHUT:ifg7lYw9MMCTYPfaH5G1L77FoT

Entry address:
0x153F

Entry point:
E8, D8, 03, 00, 00, E9, 2D, FD, FF, FF, CC, CC, CC, CC, CC, 3B, 0D, 10, 30, 40, 00, 75, 02, F3, C3, E9, 5A, 04, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 8B, 45, 08, 8B, 00, 81, 38, 63, 73, 6D, E0, 75, 2A, 83, 78, 10, 03, 75, 24, 8B, 40, 14, 3D, 20, 05, 93, 19, 74, 15, 3D, 21, 05, 93, 19, 74, 0E, 3D, 22, 05, 93, 19, 74, 07, 3D, 00, 40, 99, 01, 75, 05, E8, 24, 05, 00, 00, 33, C0, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 68, 62, 15, 40, 00, FF, 15, 3C, 10, 40, 00, 33, C0, C3, CC, CC, CC, CC, CC, FF, 25, B8...
 
[+]

Entropy:
7.3414

Code size:
5 KB (5,120 bytes)

Scheduled Task
Task name:
{5E163CBC-F895-46E3-8D51-FB353FA1414E}

Trigger:
Registration (Runs on registration)


The file MovieMaker.EXE has been discovered within the following programs.

Podstawowe programy Windows Live  by Microsoft Corporation
Publisher's description - “Windows Live is the former collective brand name for a set of services and software products from Microsoft; part of their software plus services platform.”
explore.live.com/windows-live-essentials
8% remove it
Windows Live  by Microsoft Corporation
Windows Live "is a way to extend the Windows user experience".
9% remove it
Windows Live Essentials  by Microsoft Corporation
Windows Live Essentials is a suite of freeware applications by Microsoft that aims to offer integrated and bundled e-mail, instant messaging, photo-sharing, blog publishing, and security services.
10% remove it
 
Powered by Should I Remove It?

The file MovieMaker.EXE has been seen being distributed by the following 3 URLs.

http://download1517.mediafire.com/52miecfhrrxg/.../WindownMovieMaker TheKriizthiian.exe

http://download1517.mediafire.com/hyj00d1m3e1g/.../WindownMovieMaker TheKriizthiian.exe

http://download759.mediafire.com/icgeb510hrug/.../WindownMovieMaker TheKriizthiian.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.