home

explorer.exe

Windows Explorer

Microsoft Corporation

This is the core UI for Windows, a resource-browsing and management application that provides the ability to taverse the operating system, manage files and the desktop. It is included with the Windows 7 OS. The file has been seen being downloaded from download1398.mediafire.com and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
Windows Explorer

 
Part of the Windows 7 Operating System

Version:
6.1.7600.16385 (win7_rtm.090713-1255)

MD5:
2626fc9755be22f805d3cfa0ce3ee727

SHA-1:
d76db4dcd710be9c3314cff94824933847565372

SHA-256:
c82149baca8d91b3ff1a189ca5dc814701e79bbb14798cd5766593b1206a1baa

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/23/2024 10:43:25 AM UTC  (today)

File size:
2.5 MB (2,614,272 bytes)

Product version:
6.1.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
EXPLORER.EXE.MUI

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\syswow64\explorer.exe

File PE Metadata
Compilation timestamp:
10/30/2009 8:35:29 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:bwPz1ubtHXPUvYYYYYYYYYYYRYYYYYYYYYYE3iA7/eFUJN9ojoso2xno4cv:EPcbtcvYYYYYYYYYYYRYYYYYYYYYYE3h

Entry address:
0x2A8CB

Entry point:
E8, 93, F6, FF, FF, 6A, 5C, 68, 00, AA, 02, 01, E8, D8, 41, 00, 00, 33, DB, 89, 5D, E4, 89, 5D, FC, 8D, 45, 94, 50, FF, 15, 88, 12, 00, 01, C7, 45, FC, FE, FF, FF, FF, C7, 45, FC, 01, 00, 00, 00, 64, A1, 18, 00, 00, 00, 8B, 70, 04, 89, 5D, E0, BF, EC, 1F, 0B, 01, 53, 56, 57, FF, 15, 0C, 11, 00, 01, 3B, C3, 0F, 85, 3C, F2, 02, 00, 33, F6, 46, A1, 74, 11, 0B, 01, 3B, C6, 0F, 84, 4B, F2, 02, 00, A1, 74, 11, 0B, 01, 85, C0, 0F, 85, 1A, 01, 00, 00, 89, 35, 74, 11, 0B, 01, 68, FC, A9, 02, 01, 68, F0, A9, 02, 01...
 
[+]

Entropy:
5.9342

Code size:
700.5 KB (717,312 bytes)

Autoplay Handler
Display name:
MSOpenFolder


Shell Open Command
Open type:
SHCmdFile

Command:
C:\windows\explorer.exe


The file explorer.exe has been seen being distributed by the following 9 URLs.

http://download1398.mediafire.com/974dj9a2f6fg/.../explorer.exe

http://download1169.mediafire.com/m6h3nh6x38pg/.../explorer.exe

http://download1169.mediafire.com/miv5839k51ng/.../explorer.exe

http://download1398.mediafire.com/moap8r7ea14g/.../explorer.exe

http://download1169.mediafire.com/1ai8ddpty0cg/.../explorer.exe

https://mega.nz/persistent/.../TAhyCDII

http://download1398.mediafire.com/48rs8lry9flg/.../explorer.exe

http://download1231.mediafire.com/26ed64n79h6g/.../explorer.exe

https://mega.nz/temporary/.../TAhyCDII

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.