home

selfhostreliabilitystudy.exe

Microsoft Selfhost Reliability Study

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
Microsoft Selfhost Reliability Study

Version:
5.2.3668.0

MD5:
0c9d3f0dbbb5ca56044ac490ed38b7f0

SHA-1:
b5d503c0016b38e61f4ebfc12da6873e994011c6

SHA-256:
bfce66ef28e31ae92cad2e34931fba0263bc33c6c2a9ed4fb879ffb607e89ce9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/23/2024 7:32:23 AM UTC  (today)

File size:
143.3 KB (146,712 bytes)

Product version:
5.2.3668.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
idwrac.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\grouppolicy\datastore\0\sysvol\redmond.corp.microsoft.com\policies\{87fd9ca5-0937-4258-a39e-24eaad3117aa}\user\scripts\logon\amd64\selfhostreliabilitystudy.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
MSIT Enterprise CA 1

Valid from:
9/12/2013 8:56:24 PM

Valid to:
9/12/2014 8:56:24 PM

Subject:
CN=Microsoft Corporation (Internal Use Only), OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=MSIT Enterprise CA 1

Serial number:
54FE0415000201A1A437

File PE Metadata
Compilation timestamp:
7/9/2014 4:49:35 PM

OS version:
6.4

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.10

CTPH (ssdeep):
3072:4BPgxRC+WvYjlr5fP7Gn14q67NJ0JB6VRlw0DIQ+KmWKeSe4dE0wje2WIfB0qir3:KQZP7GeynhX

Entry address:
0x4788

Entry point:
48, 83, EC, 28, E8, 23, 2A, 00, 00, 48, 83, C4, 28, E9, 06, 00, 00, 00, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 08, 57, 48, 81, EC, D0, 01, 00, 00, 48, 8B, 05, 5C, C8, 01, 00, 48, 33, C4, 48, 89, 84, 24, C0, 01, 00, 00, 8B, 0D, 5B, C8, 01, 00, E8, CA, 17, 00, 00, 89, 05, 50, C8, 01, 00, 48, 8D, 4C, 24, 30, FF, 15, 3D, 89, 00, 00, C7, 84, 24, A0, 00, 00, 00, 14, 01, 00, 00, 48, 8D, 8C, 24, A0, 00, 00, 00, FF, 15, BC, 88, 00, 00, 85, C0, 75, 0A, B8, FF, 00, 00, 00, E9, BF, 01, 00, 00, 44, 8B, 84, 24, AC, 00...
 
[+]

Entropy:
5.3935

Code size:
47 KB (48,128 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.