» tmp00006ca9
Overview
Analysis
File Details

tmp00006ca9

Microsoft Windows Operating System

Dong Qian

File name:

tmp00006ca9

Publisher:

Microsoft Corporation (signed by Dong Qian)

Product:

Microsoft Windows Operating System

Description:

Microsoft XBox Live

Version:

6.3.9600.17284 (aaa.140822-1915)

MD5:

14edb07084323e85687ce923b3420bc1

SHA-1:

0e78bbcc5411f86abb6df9bf3c666745b935d107

SHA-256:

9e589fb38221b4680d07e47b1e48eac581dadea8ebc97ad97d1fb26b3edbbd53

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

6/23/2025 3:34:08 PM UTC (today)

File size:

5.6 MB (5,906,904 bytes)

Product version:

xbox 4.0

Original file name:

xbox.exe

Language:

English (United States)

Common path:

C:\windows\temp\tmp0000054e\tmp00006ca9

Digital Signature

Signed by:

Dong Qian

Authority:

WoSign CA Limited

Valid from:

8/26/2015 12:10:40 PM

Valid to:

8/26/2016 12:10:40 PM

Subject:

CN=Dong Qian, L=Jixi, S=Heilongjiang, C=CN

Issuer:

CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:

3E9D26DCF703CA3B140D7E7AD48312E2

File PE Metadata

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

3.0

CTPH (ssdeep):

49152:yiliV8JSRAM5ImuJfUI+OM4CX/jinUI+OM4CX/G7dq3N8muJfUI+OM4CX/:yili6IRAM5c+BNih+B07dq3K+B

Entry address:

0x519F0

Entry point:

83, EC, 0C, 8B, 44, 24, 0C, 8D, 5C, 24, 10, 89, 44, 24, 04, 89, 5C, 24, 08, C7, 04, 24, FF, FF, FF, FF, E9, 01, 00, 00, 00, CC, E9, 0B, D3, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 5C, 24, 04, 64, C7, 05, 34, 00, 00, 00, 00, 00, 00, 00, 89, E5, 8B, 4B, 04, 89, C8, C1, E0, 02, 29, C4, 89, E7, 8B, 73, 08, FC, F3, A5, FF, 13, 89, EC, 8B, 5C, 24, 04, 89, 43, 0C, 89, 53, 10, 64, 8B, 05, 34, 00, 00, 00, 89, 43, 14, C3, CC, CC, CC, CC, 83, EC, 18, C7, 04, 24, F4, FF, FF, FF, 89, E5, FF, 15, 58, 90... 
[+]

Code size:

5.5 MB (5,796,352 bytes)

Scan tmp00006ca9 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.