home

wmp11-windowsxp-x86-de-de.exe

Windows Media Component Setup Application

Microsoft Corporation

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Windows Media Component Setup Application

Version:
11.0.5721.5262

MD5:
66c0a80e071987d8864ba873a96dfee1

SHA-1:
ec733258611e57a385bc30249a741e8ce7b6ffa7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/26/2024 12:08:32 AM UTC  (today)

File size:
24.6 MB (25,766,024 bytes)

Product version:
11.0.5721.5262

Copyright:
(C) Microsoft Corporation. All rights reserved.

Original file name:
WEXTRACT.EXE

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\Documents and Settings\{user}\Local settings\temporary internet files\content.ie5\{random}\wmp11-windowsxp-x86-de-de.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
1/20/2009 2:58:26 AM

Valid to:
3/20/2010 3:08:26 AM

Subject:
CN=Microsoft Corporation, OU=AOC, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6101640F00000000000B

File PE Metadata
Compilation timestamp:
6/6/2000 10:43:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
393216:NArldB0SW2KfIJHJ+tA+MXIPlYHjOcsGWcG7s6pd/QnX9miqEZRa+yBh2SXgg+kE:NK2/fMXWlYHDszcGoed/qqoykOggFgl

Entry address:
0x2891

Entry point:
55, 8B, EC, 83, EC, 44, 56, FF, 15, DC, 10, 00, 01, 8B, F0, 8A, 06, 3C, 22, 75, 14, 8A, 46, 01, 46, 84, C0, 74, 04, 3C, 22, 75, F4, 80, 3E, 22, 75, 0D, 46, EB, 0A, 3C, 20, 7E, 06, 46, 80, 3E, 20, 7F, FA, 8A, 06, 84, C0, 74, 07, 3C, 20, 7F, 03, 46, EB, F3, 83, 65, E8, 00, 8D, 45, BC, 50, FF, 15, D8, 10, 00, 01, F6, 45, E8, 01, 74, 06, 0F, B7, 45, EC, EB, 03, 6A, 0A, 58, 50, 56, 6A, 00, 6A, 00, FF, 15, 60, 11, 00, 01, 50, E8, 0E, 00, 00, 00, 8B, F0, 56, FF, 15, D0, 10, 00, 01, 8B, C6, 5E, C9, C3, 56, 33, F6...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
34 KB (34,816 bytes)

The file wmp11-windowsxp-x86-de-de.exe has been seen being distributed by the following 11 URLs.

http://gsf-cf.softonic.com/ec7/332/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52214&instance=softonic_de&type=PROGRAM&Expires=1476253901&Signature=iiweBFFdAl~I5~ZmhA9zS-3vSETnEoI465F0mwBT2iUELRck9aMD5kteRHkeWsJidT2uSmwJD12AGBSupXWsTQQXHWf9OVVDWkskjbls0x7f3CYdk3PRW00uHrNmZYF93Fote3onQaZJROjsdMCp1LL6V6xUEeBO3932hIVLqow_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wmp11-windowsxp_x86-DE-DE.exe

http://gsf-cf.softonic.com/ec7/332/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52214&instance=softonic_de&type=PROGRAM&Expires=1456887588&Signature=KaO8AjpVGQF0-Tq9GHfY7fCuraFUuj2utMMCXs3Y4ZIj4nutnXK5Fhwky7P9~tBDcxhuxlC7m7GycFqsjWWLQUxUuExDPf64T76nbVR3TQH6lfMUDaVyZo3nWhNEKyOy6ZDqjlLh3~Ld8rwkXyo4BDMFr695gxzJkrXN3r0Znlc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wmp11-windowsxp_x86-DE-DE.exe

http://gsf-cf.softonic.com/ec7/332/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52214&instance=softonic_de&type=PROGRAM&Expires=1476814569&Signature=g6KxrQgJgh4hGxJOEABbjqSC48RAcQhUA1xFm~TQ09vBg2tj4osqZqKsTg28Jspt3YKSLE-34tfwn~3bMjy184-DzDjoJMwhKwhPbD0wr978qILwR50MIsHFrGkGju7YzP7Xx8IUT7ZtPYReBdP-Wy1L7eDz24kQOFcjbkx4wP8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wmp11-windowsxp_x86-DE-DE.exe

http://dl.cdn.chip.de/downloads/.../wmp11-windowsxp-x86-DE-DE.exe

http://windows-media-player-11.de.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAMH4UJC1lIN/QapfZAAG6da5KDtbb/wJjMkq4 HRGx0dVxNiQoPf1CRRK7pb7KVy0hihGHOH8BhZYlOtDXTDrxBusyEvZkkft m/ S2SzyAmDpHQMpUsGEP1gf6BDj9Sw7JArFxqlN03dQeGAfW5S9/.../P9NaSUABSChvrAYrqp9Nv1zVm 4x0N

http://gsf-cf.softonic.com/ec7/332/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52214&instance=softonic_de&type=PROGRAM&Expires=1463068139&Signature=goMBb9PoKQ5jdaM7NG6P9OdTcxf3-OkXQ1e8zTu16AeJUnfvd~ZX4HM9l-plEC9vOh~S~I0zEkr6JgoA6aQDpYdOHkjmJO1fT4BoRrguStJmOfnWcGRQ9GitEcUP93A6xUXYzk0OeEPda4bpAgSv3GXLC9ALQQa4p~WdoTzRf4s_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wmp11-windowsxp_x86-DE-DE.exe

http://windows-media-player.nl.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAMH4UJC1lIN/QapfZAAG6da5KDtbb/wJjMkq4 HRGx0dVxNiQoPf1CRRK7pb7KVy0hihGHOH8BhZYlOtDXTDrxBusyEvZkkft m/ S2SzyAmDpHQMpUsGEP1gf6BDj9Sw7JArFxqlN03dQeGAfW5S9/.../P9NaSUABSChvrAYrqp9Nv1zVm 4x0N

http://windows-media-player-11.nl.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAMH4UJC1lIN/QapfZAAG6da5KDtbb/wJjMkq4 HRGx0dVxNiQoPf1CRRK7pb7KVy0hihGHOH8BhZYlOtDXTDrxBusyEvZkkft m/ S2SzyAmDpHQMpUsGEP1gf6BDj9Sw7JArFxqlN03dQeGAfW5S9/.../P9NaSUABSChvrAYrqp9Nv1zVm 4x0N

https://download.microsoft.com/download/a/0/c/.../wmp11-windowsxp-x86-DE-DE.exe

http://global-shared-files-lw.softonic.com/ec7/332/.../wmp11-windowsxp_x86-DE-DE.exe

http://download.microsoft.com/download/a/0/c/.../wmp11-windowsxp-x86-DE-DE.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.