xblive.exe

Microsoft Windows Operating System

Huang Liyun

Although the file properties state that the file was developed by 'Microsoft Corporation', this is not the case; it is designed to look like a legitimate Microsoft system file. The application xblive.exe, “Microsoft XBox Live” by Huang Liyun, has been detected as a potentially unwanted program by 3 anti-malware scanners. It runs as a Windows service named “Xbox Live Network Service”, in its own separate process.
Publisher:
Microsoft Corporation  (signed by Huang Liyun)

Product:
Microsoft Windows Operating System

Description:
Microsoft XBox Live

Version:
6.3.9600.17284 (aaa.140822-1915)

MD5:
111263595aec9d2a667012519ec0b422

SHA-1:
4adb93cda672ce59b16faa9794b329f19b09b5ff

SHA-256:
d7d75b958bb1a97b9b282b94e7f0ecf0b479de0247bd66c1b03adf266b9d6c38

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 9:05:21 PM UTC

Scan engine   Detection              Engine version
avast!        Win32:Malware-gen      160917-0
Dr.Web        Adware.Mutabaha.2670   9.0.1.05190
Kaspersky     Trojan.Win32.Ebowla    15.0.2.529

File size:
4.8 MB (4,993,976 bytes)

Product version:
xbox 4.0

Copyright:
Microsoft Corporation. All rights reserved.

Original file name:
xbox.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\xbox\xblive.exe

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
5/10/2016 1:52:17 PM

Valid to:
5/10/2017 1:52:17 PM

Subject:
CN=Huang Liyun, L=Tangshan, S=Hebei, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
1A1C8242C0D3B3F640B48C854D2D3273

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.0

Entry address:
0x50BC0

Entry point:
83, EC, 0C, 8B, 44, 24, 0C, 8D, 5C, 24, 10, 89, 44, 24, 04, 89, 5C, 24, 08, C7, 04, 24, FF, FF, FF, FF, E9, 01, 00, 00, 00, 00, E9, 4B, D2, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8B, 5C, 24, 04, 64, C7, 05, 34, 00, 00, 00, 00, 00, 00, 00, 89, E5, 8B, 4B, 04, 89, C8, C1, E0, 02, 29, C4, 89, E7, 8B, 73, 08, FC, F3, A5, FF, 13, 89, EC, 8B, 5C, 24, 04, 89, 43, 0C, 89, 53, 10, 64, 8B, 05, 34, 00, 00, 00, 89, 43, 14, C3, 00, 00, 00, 00, 83, EC, 18, C7, 04, 24, F4, FF, FF, FF, 89, E5, FF, 15, 50, A0...
 

Code size:
4.7 MB (4,884,992 bytes)

Service
Display name:
Xbox Live Network Service

Service name:
XBox

Type:
Win32OwnProcess

