home

IESHWIZ.EXE

Microsoft Windows 2000 Operating System

Microsoft Corporation

Publisher:
Microsoft Corporation

Product:
Microsoft(R) Windows (R) 2000 Operating System

Description:
IE 4 Customize Folder Wizard

Version:
5.00.2920.0000

MD5:
027d20cc5377b5b93dc0934f4685c2ce

SHA-1:
96f87f3d7a52d552036a3ea2b67cd9db23f14d30

SHA-256:
c5513d61acd74e6674b0cff93a2801706a63a3e6fe2c3e9698d2e0e0c9dd58a5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 5:10:13 AM UTC  (today)

File size:
51.3 KB (52,496 bytes)

Product version:
5.00.2920.0000

Copyright:
Copyright (C) Microsoft Corp. 1981-1999

Original file name:
IESHWIZ.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
9/25/1999 11:16:54 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
1536:XFvgMZPx8HNDU9gkLoS3vhx6J4sAv6kXeSLX9C0soT5kb1CjwXwBQtE:XFvgMZp8tDU9roS3iyrv6kuSLX9CcT59

Entry address:
0x1D88

Entry point:
55, 8B, EC, 83, EC, 44, 56, 6A, 01, FF, 15, A8, 10, 00, 01, 8D, 45, BC, 33, F6, 50, 89, 75, E8, FF, 15, 00, 11, 00, 01, F6, 45, E8, 01, 74, 06, 0F, B7, 45, EC, EB, 03, 6A, 0A, 58, 50, 56, 56, 56, FF, 15, 04, 11, 00, 01, 50, E8, 0E, 00, 00, 00, 8B, F0, 56, FF, 15, FC, 10, 00, 01, 8B, C6, 5E, C9, C3, 8B, 44, 24, 04, 6A, 00, A3, E0, 80, 00, 01, FF, 15, 88, 12, 00, 01, 85, C0, 7C, 10, E8, 9C, 00, 00, 00, E8, 00, 02, 00, 00, FF, 15, 8C, 12, 00, 01, 33, C0, C2, 10, 00, 55, 8B, EC, 53, 8B, 5D, 10, 56, 33, F6, 3B...
 
[+]

Entropy:
5.5218

Developed / compiled with:
Microsoft Visual C++

Code size:
25.5 KB (26,112 bytes)

The file IESHWIZ.EXE has been seen being distributed by the following 2 URLs.

temp:Backgroundmaker.EXE

http://dc738.4shared.com/download/.../backgroundmaker.exe

Scan IESHWIZ.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.