WeatherScreensaver deCH.exe

Wetter Bildschirmschoner

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from g.msn.com.
Publisher:
Microsoft  (signed by Microsoft Corporation)

Product:
Wetter Bildschirmschoner

Version:
2.8.5.01119.04924

MD5:
83e0e399167485e42970d6a506ddddbf

SHA-1:
107727ca4ff4a97ec730622de0cf0b6f03908643

SHA-256:
b7e8fe701e6c96849fe0c33abd708a1a2943f09d3844fd9f4927b918337c054a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/4/2024 5:03:26 PM UTC  (today)

File size:
39.4 MB (41,266,256 bytes)

Product version:
2.8.5.01119.04924

Copyright:
Copyright (C) Microsoft 2012

Original file name:
WeatherScreensaver deCH.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\weatherscreensaver dech.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
9/4/2012 11:42:09 PM

Valid to:
3/4/2013 10:42:09 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
330000009D1E8D27AEB8F3D83800010000009D

File PE Metadata
Compilation timestamp:
11/1/2012 5:49:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
786432:ultPri3K2LrNdrKBcyGF7qU/um3EHM7RhGyef+gkzx2lh2bWw/W41gu2xs:ir0pLr7KBqqm2MN2+gAx0fw/Wegts

Entry address:
0x275227E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8241

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
39.3 MB (41,223,168 bytes)

The file WeatherScreensaver deCH.exe has been seen being distributed by the following URL.