home

NativeInstaller.exe

微软壁纸

上海美斯恩网络通讯技术有限公司

Publisher:
Microsoft Corporation  (signed by 上海美斯恩网络通讯技术有限公司)

Product:
微软壁纸

Version:
1.0.356.01

MD5:
19857e8b6f24586e0eb97f2e4c3bb488

SHA-1:
1028e6facc12d75cf19962018c4924536568665b

SHA-256:
8f304815c258a0ba00a97aa7d8673455a7ae5719a7d9007d75187726ef7583a3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:55:56 AM UTC  (today)

File size:
8.8 MB (9,247,568 bytes)

Product version:
1.0.356.01

Copyright:
©2014 Microsoft Corporation. All rights reserved.

Original file name:
NativeInstaller.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\c382.tmp

Digital Signature
Signed by:
上海美斯恩网络通讯技术有限公司

Authority:
WoSign eCommerce Services Limited

Valid from:
6/27/2012 1:59:00 PM

Valid to:
7/1/2015 11:03:06 AM

Subject:
E=j-hogao@microsoft.com, CN=上海美斯恩网络通讯技术有限公司, O=上海美斯恩网络通讯技术有限公司, L=上海市, S=上海市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
1CD7A9516EBD55

File PE Metadata
Compilation timestamp:
2/6/2015 10:39:52 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
98304:mdqZru+jUmVYD6N93WWV7XiDKbwrZ/lXTb6sVt7ARFpI6lJezg2BB5R6Jo7OZYdh:meCivuDw3WY7XiDKG9dYpI6lJeFxrHf

Entry address:
0x5AADF

Entry point:
E8, 70, BF, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 53, 8B, 5D, 10, 57, 33, FF, 85, DB, 75, 14, E8, AB, 4B, 00, 00, C7, 00, 16, 00, 00, 00, E8, E6, 97, 00, 00, 33, C0, EB, 73, 56, 68, BC, 03, 00, 00, 6A, 01, E8, F8, 4E, 00, 00, 8B, F0, 59, 59, 85, F6, 74, 49, E8, DF, 85, 00, 00, FF, 70, 6C, 56, E8, 5D, 86, 00, 00, 8B, 45, 14, 83, 4E, 04, FF, 89, 46, 58, 8B, 45, 1C, 59, 59, 89, 5E, 54, 85, C0, 75, 03, 8D, 45, 10, 50, FF, 75, 18, 56, 68, 49, AC, 45, 00, FF, 75, 0C, FF, 75, 08, FF, 15, E8, 71, 47, 00, 85, C0...
 
[+]

Entropy:
7.5291

Code size:
471.5 KB (482,816 bytes)

Scan NativeInstaller.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.