Dbgview.exe

Sysinternals Debugview

Microsoft Corporation

Publisher:
Sysinternals (signed by Microsoft Corporation)

Product:
Sysinternals Debugview

Description:
DebugView

Version:
4.64

MD5:
30663766fa08b8daf6a0a3266288d174

SHA-1:
02927ba1e4a1517437e909caf958806985d2615d

SHA-256:
559ed15facbaf7a013bf0a7e055c18a9c8a23a08b9d028d6610c13046c43e5d6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:
11/28/2024 1:54:18 PM UTC  (today)

File size:
461.4 KB (472,448 bytes)

Product version:
4.64

Copyright:
Copyright © 1998-2006 Mark Russinovich

Original file name:
Dbgview.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\dbgview.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
4/4/2006 2:43:46 PM

Valid to:
10/4/2007 2:53:46 PM

Subject:
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
61469ECB000400000065

File PE Metadata
Compilation timestamp:
1/8/2007 4:07:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:WEzpLvlqqYE702lFgk9HtFI8VyKBm9bSA0I2i0lucXb2S:FY8tMk9Nu8VyKBmUM0r2S

Entry address:
0x150D7

Entry point:
E8, D4, AE, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 51, 56, 8B, 75, 0C, 56, E8, E5, 54, 00, 00, 89, 45, 0C, 8B, 46, 0C, A8, 82, 59, 75, 17, E8, 5C, 0D, 00, 00, C7, 00, 09, 00, 00, 00, 83, 4E, 0C, 20, 83, C8, FF, E9, 2D, 01, 00, 00, A8, 40, 74, 0D, E8, 41, 0D, 00, 00, C7, 00, 22, 00, 00, 00, EB, E3, 53, 33, DB, A8, 01, 74, 16, A8, 10, 89, 5E, 04, 0F, 84, 85, 00, 00, 00, 8B, 4E, 08, 83, E0, FE, 89, 0E, 89, 46, 0C, 8B, 46, 0C, 83, E0, EF, 83, C8, 02, 66, A9, 0C, 01, 89, 46, 0C, 89, 5E, 04, 89, 5D, FC, 75, 2C...
 

Entropy:
6.3810

Code size:
196 KB (200,704 bytes)

The file Dbgview.exe has been seen being distributed by the following URL.