» WLXPhotoAcquireWizard.exe
Overview
Analysis
File Details
Behaviors (1)

WLXPhotoAcquireWizard.exe

Windows Live Photo Gallery

mcc build team

File name:

Publisher:

Microsoft Corporation (signed by mcc build team)

Product:

Windows Live Photo Gallery

Description:

Windows Live Photo Acquisition Wizard

Version:

12.0.1329.0201_ship.client.personalMedia-w2se

MD5:

52096dcd8c93ce91b1f9e97c58c06ae5

SHA-1:

adecf3ef40d381c11697fa8304b845a7de5e873e

SHA-256:

7089a97fc1144a145d08f8525c26382b6842bd75ef2ad9fc0f38b3f220ac1f43

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/23/2024 10:23:46 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Sality

160118-1

VIPRE Antivirus

Threat.4150696

46960

File size:

222.1 KB (227,456 bytes)

Product version:

12.0.1329

Original file name:

WLXPhotoAcquireWizard.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\windows live\photo gallery\wlxphotoacquirewizard.exe

Digital Signature

Signed by:

mcc build team

Authority:

Microsoft

Valid from:

12/6/2007 1:20:55 PM

Valid to:

12/5/2008 1:20:55 PM

Subject:

CN=mcc build team

Issuer:

E=pkit@microsoft.com, CN=Microsoft Windows Redmond, OU=Corporate Security, O=Microsoft, L=Redmond, S=Washington, C=US

Serial number:

4CAD91FB0005000DC5E5

File PE Metadata

Compilation timestamp:

2/2/2008 2:12:29 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

3072:UdVLCNN4dOsabDrFukmnP0pvGWHnHapbo0P3dHTDlnD2nRVJogh4ydDeuwo9TQf:UVL+ydOlD+h3dNqRjDh4C6eT2

Entry address:

0x562C

Entry point:

E8, 34, 04, 00, 00, E9, 2C, FD, FF, FF, CC, CC, CC, CC, CC, 3B, 0D, 1C, 80, 00, 01, 75, 02, F3, C3, E9, B4, 04, 00, 00, CC, CC, CC, CC, CC, 6A, 14, 68, 60, 62, 00, 01, E8, E1, 01, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 6D, 05, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, D7, 01, 00, 00, C2, 10... 
[+]

Entropy:

5.5003

Code size:

25.5 KB (26,112 bytes)

Approved Shell Extension

CLSID:

{06A2568A-CED6-4187-BB20-400B8C02BE5A}

Scan WLXPhotoAcquireWizard.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.