nativeclientwsi.exe

Native Client WSI

General Electric Company

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Native Client WSI’.
Publisher:
GE Healthcare  (signed by General Electric Company)

Product:
Native Client WSI

Description:
Native Client WebSocket Interface

Version:
6.0.102.533

MD5:
3731f73d2592a205458c409cabad35dc

SHA-1:
8397dd0308ff735353f7ef7598c6cc5aefe5ada7

SHA-256:
837466c6e4c77223de61a5e7660cae36d169f13bb4008e0fee3bc0ffa604bad8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/26/2024 7:35:35 AM UTC  (today)

File size:
135.3 KB (138,584 bytes)

Product version:
6.0.102.533

Copyright:
Copyright (C) 2015

Original file name:
NaClWSI.Server

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ge healthcare\native client ws interface\nativeclientwsi.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/8/2014 2:00:00 AM

Valid to:
11/7/2017 12:59:59 AM

Subject:
CN=General Electric Company, O=General Electric Company, L=South Burlington, S=Vermont, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1FBB002E435980074FFDDB32F94E55AD

File PE Metadata
Compilation timestamp:
4/29/2015 3:12:28 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:9HXY/ACqdGeyEMVQALIlTmg1OK0NnuTtsTBft8I2pD0Ym/pa:tJCqEnVxLGKC0NnYsTBFL2pD0Ymw

Entry address:
0x15370

Entry point:
E8, 9C, 03, 00, 00, E9, 4C, FE, FF, FF, 6A, 10, 68, A0, C9, 41, 00, E8, 5A, 01, 00, 00, 33, F6, 89, 75, E4, 89, 75, FC, 89, 75, E0, 8B, 5D, 0C, 8B, 7D, 08, 3B, 75, 10, 7D, 10, 8B, CF, FF, 55, 14, 03, FB, 89, 7D, 08, 46, 89, 75, E0, EB, EB, 33, C0, 40, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 14, 00, 00, 00, E8, 62, 01, 00, 00, C2, 14, 00, 8B, 5D, 0C, 8B, 7D, 08, 8B, 45, E4, 8B, 75, E0, 85, C0, 75, 0B, FF, 75, 18, 56, 53, 57, E8, 70, 00, 00, 00, C3, 6A, 0C, 68, C0, C9, 41, 00, E8, F2, 00, 00, 00, 83, 65...
 
[+]

Code size:
84 KB (86,016 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Native Client WSI

Command:
C:\Program Files\ge healthcare\native client ws interface\nativeclientwsi.exe


Scan nativeclientwsi.exe - Powered by Reason Core Security