» wallpaper manager.exe
Overview
Analysis
File Details
Behaviors (1)

wallpaper manager.exe

DesktopPaints OU

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Animated Wallpaper’.

File name:

Publisher:

DesktopPaints OU (signed and verified)

MD5:

b8536ae512a49e4b15c79f9a00fb35ea

SHA-1:

88994bf9271cbb2137ee93bbddd071258ff0fac4

SHA-256:

df32eeade33ad4d1a6ab4a9bc3ffff60b90191ff17210fecd467db84bf8bd4dc

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/6/2024 2:43:01 AM UTC (today)

File size:

1.1 MB (1,148,640 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\animated wallpaper maker\wallpaper manager.exe

Digital Signature

Signed by:

DesktopPaints OU

Authority:

COMODO CA Limited

Valid from:

4/22/2015 5:30:00 AM

Valid to:

4/22/2020 5:29:59 AM

Subject:

CN=DesktopPaints OU, O=DesktopPaints OU, STREET=Randla 13-201, L=Tallinn, S=Harju County, PostalCode=10315, C=EE

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00EB545C2B87629D799163C76E9D897E25

File PE Metadata

Compilation timestamp:

2/18/2017 11:49:16 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

Entry address:

0x20C000

Entry point:

EB, 03, C0, 70, 19, 50, EB, 02, C5, BB, E8, 15, 00, 00, 00, EB, 03, 23, 9F, 0B, EB, 03, 86, A2, 77, 33, C0, 7B, 0C, 71, 62, EB, 03, 22, A3, B4, EB, 04, C7, 44, 67, 07, B8, 31, 48, 3B, F7, EB, 03, BB, 0B, 67, EB, 03, 20, 83, A2, 05, CF, B7, C4, 08, EB, 01, 2A, 75, 3E, EB, 02, 20, B0, 64, FF, 30, EB, 03, A2, 94, 4B, 64, 89, 20, EB, 01, 7A, EB, 05, C4, 83, 32, 0A, A6, 8B, 10, EB, 05, 69, 8F, 12, EB, 19, 64, 8F, 00, EB, 03, 88, B9, 1B, 83, C4, 04, EB, 05, 82, AB, FC, A1, C2, 58, EB, 01, E7, C3, EB, 03, 05, F9... 
[+]

Entropy:

7.8111 (probably packed)

Code size:

1.1 MB (1,203,712 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Animated Wallpaper

Command:

"C:\Program Files\animated wallpaper maker\wallpaper manager.exe" -d

Scan wallpaper manager.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.