wmihost.exe

Program

Microsoft Corporation

It runs as a separate (within the context of its own process) windows Service named “Configure System”.
Publisher:
Program LLC  (signed by Microsoft Corporation)

Product:
Program

Version:
1.0

MD5:
fd5cc675ecac77f565a800e30fd48f50

SHA-1:
68ae92863e8fad07fb1cf1b733598b88c7846279

SHA-256:
6f4186d4176b99773192341ac192eac930146345070cbb10fc705fc70bde6e1c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/22/2024 8:23:07 PM UTC  (today)

File size:
727.8 KB (745,240 bytes)

Product version:
1.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\ammyy\wmihost.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
3/5/2014 1:24:46 AM

Valid to:
12/31/2039 6:59:59 PM

Subject:
CN=Microsoft Corporation

Issuer:
CN=Microsoft Corporation

Serial number:
ABCD1D330A66FCAF4E9F41A98C00207F

File PE Metadata
Compilation timestamp:
9/9/2014 7:23:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:bNgEvTkYGzXUMA7PTgM0YOg26y4RtcxcUwNZb3omaY80ZgLPj:bXTszE7PTgM0YOgA4RtcbwN1SYFqP

Entry address:
0x7C3DE

Entry point:
55, 8A, EC, 6A, FF, 68, A0, DE, 48, 00, 68, 80, C5, 47, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, A4, 33, 48, 00, 59, 83, 0D, D8, 57, 4B, 00, FF, 83, 0D, DC, 57, 4B, 00, FF, FF, 15, A8, 33, 48, 00, 8B, 0D, C0, 57, 4B, 00, 89, 08, FF, 15, AC, 33, 48, 00, 8B, 0D, BC, 57, 4B, 00, 89, 08, A1, B0, 33, 48, 00, 8B, 00, A3, D4, 57, 4B, 00, E8, 31, 94, FA, FF, 39, 1D, B0, DE, 4A, 00, 75, 0C, 68, AA, C5, 47, 00, FF, 15, B4, 33...
 
[+]

Entropy:
6.6317

Code size:
520 KB (532,480 bytes)

Service
Display name:
Configure System

Service name:
ammyy

Description:
Configure Reload System

Type:
Win32OwnProcess