home

q283787_w2k_sp3_x86.exe

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Description:
Self-Extracting Cabinet

Version:
1.13

MD5:
311ef99aaf041e8e41c95fbd54ca599d

SHA-1:
05258e105a8414004839554debdd7c1429a8ecea

SHA-256:
6c8f465901874fe38cb444c84a9627e87db8148bba4dcc900416138380be27c6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/19/2024 2:21:24 PM UTC  (today)

File size:
158.4 KB (162,216 bytes)

Copyright:
Copyright (C) Microsoft, 1997-2000

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\oj6000ve609_basic_14\util\ccc\cht\q283787_w2k_sp3_x86.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
6/21/2000 3:50:25 PM

Valid to:
8/21/2001 4:00:25 PM

Subject:
CN=Microsoft Windows 2000 Publisher, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Windows Verification Intermediate PCA, OU=Copyright (c) 1999 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=WA, C=US

Serial number:
612118CE000000000013

File PE Metadata
Compilation timestamp:
7/11/2000 1:18:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:qnK0ND640taWiZ6NNyoFbslR1n2O9W+X2fsg8mF5PsVW1+IgqWuEmAUEf3:YeXiENsljnZ01YmL+W1eWbG3

Entry address:
0x124A

Entry point:
81, EC, BC, 00, 00, 00, A1, 10, 11, 00, 05, 53, 55, 56, 33, DB, 57, 89, 44, 24, 1C, C6, 44, 24, 13, 63, 89, 5C, 24, 30, 89, 5C, 24, 34, FF, 15, 00, 10, 00, 05, FF, 15, 38, 10, 00, 05, A3, 20, 63, 01, 05, E8, AF, 11, 00, 00, BE, 2C, 63, 01, 05, 68, 04, 01, 00, 00, 56, 53, FF, 15, 34, 10, 00, 05, 8B, FE, 83, C9, FF, 33, C0, F2, AE, F7, D1, 49, 03, CE, 3B, CE, 76, 0D, 80, 79, FF, 5C, 8D, 41, FF, 74, 04, 8B, C8, EB, EF, 51, E8, 34, 0C, 00, 00, 56, 89, 44, 24, 1C, E8, CC, 11, 00, 00, FF, 15, 30, 10, 00, 05, 8B...
 
[+]

Entropy:
7.9076  (probably packed)

Code size:
18.5 KB (18,944 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.