WM9Codecs.exe

Windows Media Component Setup Application

Microsoft Corporation

This is a self-extracting archive and installer. This is installed with Windows Media Player 11. The file has been seen being downloaded from www.lo4d.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Windows Media Component Setup Application

Version:
10.00.00.3646

MD5:
fd3b4cff36c8fe98a42f108d637a250e

SHA-1:
6f1a4b8ef8b9c5f6f5be4765b1d627edbf35dea1

SHA-256:
29a68399824469652b719f4d02bcfc0121691927a5ca937a543c24bc31add4ae

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/24/2024 5:22:29 PM UTC  (today)

File size:
1.4 MB (1,416,944 bytes)

Product version:
10.00.00.3646

Copyright:
(C) Microsoft Corporation. All rights reserved.

Original file name:
WM9Codecs.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\valusoft\crashday\wm9dist\wm9codecs.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
10/25/2003 7:59:14 AM

Valid to:
1/25/2005 7:09:14 AM

Subject:
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
610E7DA7000000000048

File PE Metadata
Compilation timestamp:
7/22/2004 5:32:16 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
24576:2jLkER6Nkksp7bGmSBAFLdf6uv3iiQMVOpC/GpQ0qUiAFUlXMHf2XTk/RhlofrRC:81G5stbGmSBADfR/FxVOA/bUiNXM/LaG

Entry address:
0x645C

Entry point:
E8, 0A, 00, 00, 00, E9, 7A, FF, FF, FF, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, D0, B2, 00, 01, 85, C0, 74, 07, 3D, 40, BB, 00, 00, 75, 4D, 56, 8D, 45, F8, 50, FF, 15, 70, 11, 00, 01, 8B, 75, FC, 33, 75, F8, FF, 15, 6C, 11, 00, 01, 33, F0, FF, 15, 68, 11, 00, 01, 33, F0, FF, 15, 64, 11, 00, 01, 33, F0, 8D, 45, F0, 50, FF, 15, 60, 11, 00, 01, 8B, 45, F4, 33, 45, F0, 33, C6, 25, FF, FF, 00, 00, 5E, 75, 05, B8, 40, BB, 00, 00, A3, D0, B2, 00, 01, F7, D0, A3, CC, B2, 00, 01, C9, C3, CC, CC, CC...
 
[+]

Entropy:
7.9702

Developed / compiled with:
Microsoft CAB SFX

Code size:
38.5 KB (39,424 bytes)

The file WM9Codecs.exe has been discovered within the following program.

Windows Media Player 11  by Microsoft Corporation
Windows Media Player 11 was included with Vista with no updates, final release on XP. Windows Media Player is a media player and media library application developed by Microsoft that is used for playing audio, video and viewing images .
windows.microsoft.com/en-US/windows/download-windows-media-player
5% remove it
 
Powered by Should I Remove It?

The file WM9Codecs.exe has been seen being distributed by the following 11 URLs.

http://www.lo4d.com/get-file/windows-media-player-9-codecs-pack/.../

https://dw.uptodown.com/dwn/DTTygtJU6UEfZbp4-nkH508e6i6c1lRrukjZ6SxB9JvdIOqVTbrnTLFKTsSvEaiMBMIj2QRnNOCJdcx6X0kmdtSeZI6ELYK7Eg3H7mdjiCRpxWCfPd-lVQgFhUeQIlYZ/AKC3dxTczZkNU9KGsqnrV3cUVBXRw8ltJ2M_fbMKvzH43_9TWKjRbPehqFvw7GNS4e4Gz7KkiGluE2iGIOeLSNmAqtUCD1NXxq9U5eNhbyvNijUlynYzbxLPZhVX9nkU/5N72ERiBW6EkAdWOsfd5DzO_j1haCq3IxYVbmOTlS1b4Ahucf90azh7ELr9bDmPX1TC7mPxjWR9WOkJBkVuVgz1sfG22oEQUXS1vK4i5T2uF63cGxLTLkrhlg1OsbAX7/.../

https://dw.uptodown.com/dwn/k7U8qQueVkNzgwRMGAtoDqYxoGb8-qEYbDpRLOdkseBWbeAsG5kfu7wdkyhI3CmRqHzDAgxkOpYV6o6GSWdlTblbbSSamNRj_Ts3DfxtDg-4nttM_jKKVrqP6WLzzrr6/vgq9taQKL8MPEdBbe1dYTRaUqzz91YOeaIYDFujyRCdtxjC-pH8jbYca6JTIbZb7GfLwC6Kq1uqfNdXUo4WDey7LM-684WBV9w_CtQToaDLV19n_pRDFA7w-rXCQqN2E/qcIlGj8UBQGtkc6Xwi8xJV9it-F7ezjY58DY7ZUlBZ0cWvWmjcgklJownkgCI_imR484kviv8Yd5pozB-i2jl3ZHzRgrFsf5bh-h6nQtL8rf6VJdlvc-ZWjH384PcLHn/.../

http://www.cakirogludugun.com/codec.exe

temp:WM9Codecs.exe