home

sol.exe

Système d'exploitation Microsoft Windows

Microsoft Corporation

This is a setup program which is used to install the application. It is installed as part of the Windows XP OS. The file has been seen being downloaded from www.windows8facile.fr and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Système d'exploitation Microsoft® Windows®

Description:
Applet du jeu Solitaire

 
Part of the Windows XP Operating System

Version:
5.1.2600.0 (xpclient.010817-1148)

MD5:
caca53644879416250c9bfa6a109e3d8

SHA-1:
7c1581e6aecc36d2212cf2dc50ab326601d43e9b

SHA-256:
6491319283b1dbaed382f66cbb31515034502ffdad85c617b8c9f0df8505026e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/27/2024 12:25:48 AM UTC  (today)

File size:
56 KB (57,344 bytes)

Product version:
5.1.2600.0

Copyright:
© Microsoft Corporation. Tous droits réservés.

Original file name:
sol.exe

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\Windows\System32\sol.exe

File PE Metadata
Compilation timestamp:
8/17/2001 10:54:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
768:ohEzyg3WKXQzIJZeZ1POiAqbC2OK9P/pKRo9bQ7VFJD1zlRHJW:oaypKXaIJ812iAP2H9P/8i9sxW

Entry address:
0x5F85

Entry point:
6A, 70, 68, F8, 12, 00, 01, E8, DF, 01, 00, 00, 33, DB, 53, 8B, 3D, 98, 10, 00, 01, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03, C8, 81, 39, 50, 45, 00, 00, 75, 12, 0F, B7, 41, 18, 3D, 0B, 01, 00, 00, 74, 1F, 3D, 0B, 02, 00, 00, 74, 05, 89, 5D, E4, EB, 27, 83, B9, 84, 00, 00, 00, 0E, 76, F2, 33, C0, 39, 99, F8, 00, 00, 00, EB, 0E, 83, 79, 74, 0E, 76, E2, 33, C0, 39, 99, E8, 00, 00, 00, 0F, 95, C0, 89, 45, E4, 89, 5D, FC, 6A, 02, FF, 15, C4, 11, 00, 01, 59, 83, 0D, 80, 73, 00, 01, FF, 83, 0D, 84, 73...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
23.5 KB (24,064 bytes)

Windows Firewall Allowed Program
Name:
C:\WINDOWS\system32\sol.exe


The file sol.exe has been seen being distributed by the following 3 URLs.

http://www.windows8facile.fr/download/.../?wpdmdl=8680

http://www.windows8facile.fr/download/.../?wpdmdl=8656

http://www.windows8facile.fr/?wpdmdl=8680

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.