home

WiX311.exe

WiX Toolset v3.11.0.321

Outercurve Foundation

Publisher:
Outercurve Foundation  (signed and verified)

Product:
WiX Toolset v3.11.0.321

Version:
3.11.0.321

MD5:
64b3e39fe0d4dda01dc5a3c1245e7f7d

SHA-1:
f43f8854bb7338231d9c184317f2d47d2107803a

SHA-256:
56656ea575ef87ce7d849825ac85519f9c53fb290e8ebde506d756d8b6238a45

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 4:27:32 PM UTC  (today)

File size:
23.7 MB (24,891,992 bytes)

Product version:
3.11.0.321

Copyright:
Copyright (c) Outercurve Foundation. All rights reserved.

Original file name:
WiX311.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\delc4a7.tmp

Digital Signature
Signed by:
Outercurve Foundation

Authority:
DigiCert Inc

Valid from:
2/27/2014 3:00:00 AM

Valid to:
6/28/2017 3:00:00 PM

Subject:
CN=Outercurve Foundation, O=Outercurve Foundation, L=Wakefield, S=Massachusetts, C=US

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F9FA60B79A9CF30337E19EB6FD16EC6

File PE Metadata
Compilation timestamp:
3/22/2016 2:07:22 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
393216:QtBzerogoGTsdi0dQYXH8hmgvLVp49noXLVL/5L0bRUqg/3O5ZPCGeMrPER0PhR0:QPSrodgsQ0SYXchmgzIo/QbRUqg/3O5Y

Entry address:
0x2C990

Entry point:
E8, D1, 04, 00, 00, E9, 80, FE, FF, FF, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 80, F9, 40, 73, 15, 80, F9, 20, 73, 06, 0F, AD, D0, D3, EA, C3, 8B, C2, 33, D2, 80, E1, 1F, D3, E8, C3, 33, C0, 33, D2, C3, 55, 8B, EC, EB, 1F, FF, 75, 08, E8, 36, 6C, 00, 00, 59, 85, C0, 75...
 
[+]

Entropy:
7.9974  (probably packed)

Code size:
293.5 KB (300,544 bytes)

The file WiX311.exe has been seen being distributed by the following URL.

http://wixtoolset.org/downloads/.../wix311.exe

Scan WiX311.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.