DW20.exe

Microsoft Application Error Reporting

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft Application Error Reporting

Version:
12.0.4518.1014

MD5:
c6d0721e9156eb2a40a04bb38be0b2a5

SHA-1:
d0a3fcb3ad9f227a02d30abb767883b42fecc3a7

SHA-256:
2435e1e50c097608e6157efb1036946cfdd02d86728e8e00a02b207bee36e60d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/27/2024 3:53:26 PM UTC  (today)

File size:
794.3 KB (813,384 bytes)

Product version:
12.0.4518.1014

Copyright:
© 2006 Microsoft Corporation. All rights reserved.

Original file name:
DW20.Exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\office\office.en-us\dw20.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
4/4/2006 3:43:46 PM

Valid to:
10/4/2007 3:53:46 PM

Subject:
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
61469ECB000400000065

File PE Metadata
Compilation timestamp:
10/26/2006 10:47:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:F3LutmkEz+PAVV/OOInO4Xs2ztR4iegxLHgZpJE4VDd+:FbutmkO+wAOInO4XrztygxLHkJE4VB

Entry address:
0x69EC5

Entry point:
E8, 9D, F6, FF, FF, E9, 35, FD, FF, FF, FF, 25, F8, 10, 00, 30, FF, 25, F4, 10, 00, 30, 68, 34, 9F, 06, 30, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 3C, 22, 02, 30, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, 68...
 
[+]

Entropy:
7.0827

Code size:
551.5 KB (564,736 bytes)

The file DW20.exe has been seen being distributed by the following 12 URLs.

ftp://172.24.1.22/downloads/Office 2007/.../DW20.EXE

ftp://192.168.200.1/Software/Office2007Br/.../DW20.EXE

http://online.b1.org/rest/online/download/office 2007.rar/office 2007/.../DW20.EXE

ftp://10.4.15.111/Software/Microsoft Products/MS Office 2007 Enterprise Edition/.../DW20.EXE

ftp://192.168.12.100/Microsoft.Office.2007.Enterprise.SP2.Integrated-GROUPNAMEHERE/.../DW20.EXE

http://192.168.0.111/Software New/office 2007/.../DW20.EXE

ftp://10.23.123.8/Standart App/MS Office 2007 x/.../DW20.EXE

ftp://10.0.71.99/software/office 2007/.../DW20.EXE

ftp://192.168.2.254/mnt/dysk/ftpuser/programy/office 2007/.../DW20.EXE

about:internet