xblive.exe

Microsoft Windows Operating System

Huang Liyun

It runs as a separate (within the context of its own process) windows Service named “Xbox Live Network Service”.
Publisher:
Microsoft Corporation  (signed by Huang Liyun)

Product:
Microsoft Windows Operating System

Description:
Microsoft XBox Live

Version:
6.3.9600.17284 (aaa.140822-1915)

MD5:
43559b8179504da3734991d452469935

SHA-1:
682b8177e360d2b4bef0fbf87e419f397a3954ff

SHA-256:
a4074dbcabc6468e90f705031181d47f0ac74a4f3881067deb5cd531ced7b235

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 8:26:25 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Mutabaha.2670
9.0.1.05190

ESET NOD32
Win64/Egguard.F trojan
6.3.12010.0

File size:
6 MB (6,342,584 bytes)

Product version:
xbox 4.0

Copyright:
Microsoft Corporation. All rights reserved.

Original file name:
xbox.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\xbox\xblive.exe

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
5/10/2016 1:52:17 PM

Valid to:
5/10/2017 1:52:17 PM

Subject:
CN=Huang Liyun, L=Tangshan, S=Hebei, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
1A1C8242C0D3B3F640B48C854D2D3273

File PE Metadata
OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
3.0

Entry address:
0x5E960

Entry point:
48, 8D, 74, 24, 08, 48, 8B, 3C, 24, 48, 8D, 05, 10, 00, 00, 00, FF, E0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 48, 8D, 05, 89, C5, FF, FF, FF, E0, 00, 00, 00, 00, 00, 00, 00, 51, 48, 8B, 01, 48, 8B, 71, 10, 48, 8B, 49, 08, 65, 48, 8B, 3C, 25, 30, 00, 00, 00, C7, 47, 68, 00, 00, 00, 00, 48, 81, EC, 80, 00, 00, 00, 83, F9, 04, 7E, 11, 83, F9, 10, 7E, 02, CD, 03, 48, 89, E7, FC, F3, 48, A5, 48, 89, E6, 48, 8B, 0E, 48, 8B, 56, 08, 4C, 8B, 46, 10, 4C, 8B, 4E, 18, FF, D0, 48, 81, C4, 80, 00, 00...
 
[+]

Entropy:
5.3202

Code size:
5.9 MB (6,216,704 bytes)

Service
Display name:
Xbox Live Network Service

Service name:
XBox

Type:
Win32OwnProcess


Scan xblive.exe - Powered by Reason Core Security