home

w6gth.exe

System operacyjny Microsoft Windows

{9C1F8E52-00A6-4A3A-90CA-F8EC53FAC0E8}

Publisher:
Microsoft Corporation  (signed by {9C1F8E52-00A6-4A3A-90CA-F8EC53FAC0E8})

Product:
System operacyjny Microsoft® Windows®

Description:
Proces hosta rozszerzonych kreatorów

Version:
6.3.9600.16384 (winblue_rtm.130821-1623)

MD5:
481da4dfb2d1b46a8729e7ea566bd287

SHA-1:
44e956c8b5bc5eaee72b8e50d4e4f99b3d0df7e2

SHA-256:
2fe9ccea466ea63399eee225c1d1814d324a902531474aeaf115e9218fd0805b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:08:17 AM UTC  (today)

File size:
335 KB (343,072 bytes)

Product version:
6.3.9600.16384 (winblue_rtm.130821-1623)

Copyright:
© Microsoft Corporation. Wszelkie prawa zastrzeżone.

Original file name:
Proces hosta rozszerzonych kreatorów.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\w6gth.exe

Digital Signature
Signed by:
{9C1F8E52-00A6-4A3A-90CA-F8EC53FAC0E8}

Authority:
{9C1F8E52-00A6-4A3A-90CA-F8EC53FAC0E8}

Valid from:
2/19/2014 4:00:11 AM

Valid to:
2/19/2015 10:00:11 AM

Subject:
CN={9C1F8E52-00A6-4A3A-90CA-F8EC53FAC0E8}

Issuer:
CN={9C1F8E52-00A6-4A3A-90CA-F8EC53FAC0E8}

Serial number:
274683BF421F748E4C53A26F410E5243

File PE Metadata
Compilation timestamp:
2/26/2014 8:29:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:0oFGezOiAoW9HpBZPB7+50CSsHk/ZC037iLK798D68wl:TNOnjPaDI7B798D68wl

Entry address:
0x4E9BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 03, 00, 03, 00, 00, 00, 28, 00, 00, 80, 0E, 00, 00, 00, 80, 00, 00, 80, 10, 00, 00, 00, 98, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 09, 00, 32, 00, 00, 00, B0, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
306.5 KB (313,856 bytes)

Scan w6gth.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.