home

sidebar.exe

Windows Desktop Gadgets

Microsoft Corporation

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Sidebar’.
Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
Windows Desktop Gadgets

Version:
6.2.9200.16384 (win8_rtm.120725-1247)

MD5:
64a9c234d0ec8ab1a87c46c4f9bb5075

SHA-1:
c5a74193a5ce1ff0bd40bbc7c117b19a121e7acf

SHA-256:
ba1a8eb97460b532b506304124c30cec344c9917a972d6804df4cdf5946c9a51

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 10:20:55 PM UTC  (today)

File size:
1.4 MB (1,475,072 bytes)

Product version:
1.0.9200.16384

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
sidebar.EXE.MUI

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\windows sidebar\sidebar.exe

File PE Metadata
Compilation timestamp:
11/20/2010 5:24:07 AM

OS version:
6.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:fn/dgODHv1Un0GzV1xLnRWbQbY3dX6XAEyhhLh7hekLTOD:3dgODMRlbLDwhLh7hnfS

Entry address:
0x152AC

Entry point:
48, 83, EC, 28, E8, 97, CD, FF, FF, 48, 83, C4, 28, EB, 15, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 48, 89, 74, 24, 08, 48, 89, 7C, 24, 10, 41, 54, 48, 81, EC, B0, 00, 00, 00, 83, 64, 24, 20, 00, 48, 8D, 4C, 24, 40, FF, 15, 9D, 2F, 09, 00, 90, 65, 48, 8B, 04, 25, 30, 00, 00, 00, 48, 8B, 78, 08, 33, F6, 33, C0, F0, 48, 0F, B1, 3D, 72, 4E, 0C, 00, 0F, 85, 57, 60, 01, 00, 8B, 05, A6, 52, 0C, 00, 83, F8, 01, 0F, 84, 67, 60, 01, 00, 8B, 05, 97, 52, 0C, 00, 85, C0, 0F...
 
[+]

Entropy:
6.6483

Code size:
666.5 KB (682,496 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Sidebar

Command:
C:\Program Files\windows sidebar\sidebar.exe \autorun


Scan sidebar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.