home

winlogan.exe

Windows Logon Application

Windows 7 Loader XE

Publisher:
Microsoft Corporation  (signed by Windows 7 Loader XE)

Product:
Microsoft® Windows® Operating System

Description:
Windows Logon Application

Version:
6.1.7600.16385 (win7_rtm.090713-1255)

MD5:
5c177be3ddbe43c02ac6c6c095d15e6a

SHA-1:
c4dd9d08e1aed54f401ee8650df310af7103a085

SHA-256:
500e0b06baf218140c9adb1fdf8abe9462cb62f39851e6211a66ad15d35d6cd9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 4:44:21 PM UTC  (today)

File size:
280 KB (286,696 bytes)

Product version:
6.1.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
WINLOGON.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\winlogan.exe

Digital Signature
Signed by:
Windows 7 Loader XE

Authority:
Windows 7 Loader XE

Valid from:
1/1/1900 2:30:00 AM

Subject:
CN=Windows 7 Loader XE

Issuer:
CN=Windows 7 Loader XE

Serial number:
E5844574E087B08C408DD8D6EFE43DD8

File PE Metadata
Compilation timestamp:
7/14/2009 5:07:00 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:AXJvDBuQif+VP1Bpv3gkmCc0+hDgWAQMqIg:ABDlt1Xv3PQhDgWAQcg

Entry address:
0x11D2F

Entry point:
E8, 11, FE, FF, FF, 6A, 58, 68, 48, 1E, 01, 01, E8, 50, F8, FE, FF, 33, DB, 89, 5D, E4, 89, 5D, FC, 8D, 45, 98, 50, FF, 15, 00, 14, 00, 01, C7, 45, FC, FE, FF, FF, FF, C7, 45, FC, 01, 00, 00, 00, 64, A1, 18, 00, 00, 00, 8B, 70, 04, BF, E8, B2, 03, 01, 6A, 00, 56, 57, FF, 15, 88, 14, 00, 01, 85, C0, 0F, 85, 12, FB, 00, 00, 33, F6, 46, A1, 20, B2, 03, 01, 3B, C6, 0F, 84, 20, FB, 00, 00, A1, 20, B2, 03, 01, 85, C0, 0F, 85, E5, C6, FF, FF, 89, 35, 20, B2, 03, 01, 68, 44, 1E, 01, 01, 68, 38, 1E, 01, 01, E8, 06...
 
[+]

Entropy:
6.3437

Code size:
231.5 KB (237,056 bytes)

Scan winlogan.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.