× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 82e1137d6cfdb678acb616221394720c746bba75f335205bed47e043069fb6ae
File name: msconfig.exe
Detection ratio: 0 / 40
Analysis date: 2009-08-28 22:38:28 UTC ( 8 years, 3 months ago ) View latest
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
AVG 20090828
AhnLab-V3 20090828
AntiVir 20090828
Antiy-AVL 20090824
Authentium 20090828
Avast 20090828
BitDefender 20090828
CAT-QuickHeal 20090828
ClamAV 20090828
Comodo 20090828
DrWeb 20090828
F-Prot 20090827
F-Secure 20090828
Fortinet 20090828
GData 20090828
Ikarus 20090828
Jiangmin 20090828
K7AntiVirus 20090828
Kaspersky 20090828
McAfee 20090828
McAfee+Artemis 20090828
Microsoft 20090828
NOD32 20090828
Norman 20090828
PCTools 20090828
Panda 20090828
Prevx 20090828
Rising 20090828
Sophos AV 20090828
Sunbelt 20090828
Symantec 20090828
TheHacker 20090828
TrendMicro 20090828
VBA32 20090828
ViRobot 20090828
VirusBuster 20090828
a-squared 20090828
eSafe 20090827
eTrust-Vet 20090828
nProtect 20090828
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.L 20090828
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name msconfig.EXE
Internal name msconfig.EXE
File version 5.1.2600.1106 (xpsp1.020828-1920)
Description System Configuration Utility
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-08-29 08:17:56
Entry Point 0x000178B6
Number of sections 3
PE sections
PE imports
RegCreateKeyExW
CloseServiceHandle
RegDeleteValueW
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExA
OpenSCManagerW
RegEnumKeyExW
RegOpenKeyExW
OpenServiceW
QueryServiceConfigW
EnumServicesStatusW
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegOpenKeyExA
ChangeServiceConfigW
RegQueryValueExW
GetDeviceCaps
GetTextMetricsW
DeleteDC
SelectObject
GetTextExtentPoint32W
GetStockObject
CreateSolidBrush
GetObjectW
BitBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetLastError
HeapFree
CopyFileW
GetDriveTypeW
GetShortPathNameW
GetSystemInfo
lstrlenA
GetModuleFileNameW
GlobalFree
WaitForSingleObject
LoadLibraryA
FreeLibrary
HeapDestroy
HeapAlloc
GlobalUnlock
GetFileAttributesW
GlobalHandle
lstrlenW
DeleteCriticalSection
GetCurrentProcess
EnterCriticalSection
SizeofResource
GetFileSize
OpenProcess
LockResource
GetModuleHandleW
ExpandEnvironmentStringsW
LoadLibraryExW
MultiByteToWideChar
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GlobalLock
FlushInstructionCache
GetProcessHeap
lstrcpynW
GetModuleHandleA
lstrcpyW
SetFileAttributesW
CreateThread
LoadLibraryW
MoveFileExW
SetFilePointer
GetSystemDirectoryW
FindNextFileW
CreateSemaphoreW
WriteFile
ReadFile
FindFirstFileW
lstrcmpW
lstrcatW
FreeResource
GlobalMemoryStatus
WideCharToMultiByte
lstrcmpiW
InitializeCriticalSection
LoadResource
FindResourceW
CreateFileW
GlobalAlloc
FindClose
GetCommandLineW
SetEndOfFile
LeaveCriticalSection
GetCurrentThreadId
GetProcAddress
GetCurrentProcessId
CloseHandle
Ord(3820)
Ord(1775)
Ord(4197)
Ord(2438)
Ord(2362)
Ord(6024)
Ord(6919)
Ord(5298)
Ord(2980)
Ord(6371)
Ord(925)
Ord(4124)
Ord(4073)
Ord(771)
Ord(4621)
Ord(5257)
Ord(540)
Ord(2606)
Ord(3093)
Ord(5208)
Ord(5727)
Ord(940)
Ord(2933)
Ord(4433)
Ord(6654)
Ord(1203)
Ord(5237)
Ord(4616)
Ord(6278)
Ord(1900)
Ord(3494)
Ord(6370)
Ord(815)
Ord(3257)
Ord(922)
Ord(1683)
Ord(4155)
Ord(3917)
Ord(5604)
Ord(2757)
Ord(2388)
Ord(496)
Ord(4425)
Ord(3471)
Ord(5845)
Ord(3092)
Ord(3076)
Ord(6874)
Ord(1633)
Ord(6655)
Ord(5284)
Ord(5285)
Ord(6921)
Ord(6279)
Ord(1899)
Ord(2293)
Ord(4272)
Ord(617)
Ord(6868)
Ord(489)
Ord(825)
Ord(5605)
Ord(5710)
Ord(801)
Ord(641)
Ord(5276)
Ord(2755)
Ord(4401)
Ord(3470)
Ord(2506)
Ord(5706)
Ord(5273)
Ord(942)
Ord(1767)
Ord(384)
Ord(4480)
Ord(4229)
Ord(1008)
Ord(823)
Ord(3087)
Ord(6139)
Ord(4970)
Ord(4269)
Ord(5461)
Ord(4709)
Ord(3172)
Ord(2504)
Ord(6048)
Ord(3142)
Ord(3131)
Ord(4219)
Ord(800)
Ord(5157)
Ord(4736)
Ord(1569)
Ord(4899)
Ord(541)
Ord(6051)
Ord(5618)
Ord(2859)
Ord(2613)
Ord(2520)
Ord(4435)
Ord(2047)
Ord(5283)
Ord(6563)
Ord(1771)
Ord(2977)
Ord(2116)
Ord(4418)
Ord(533)
Ord(2046)
Ord(4253)
Ord(4831)
Ord(538)
Ord(2442)
Ord(5154)
Ord(542)
Ord(858)
Ord(640)
Ord(4459)
Ord(686)
Ord(2377)
Ord(6211)
Ord(4050)
Ord(4419)
Ord(323)
Ord(4074)
Ord(2640)
Ord(1089)
Ord(1735)
Ord(3744)
Ord(6218)
Ord(3254)
Ord(1165)
Ord(3341)
Ord(1220)
Ord(3826)
Ord(802)
Ord(5155)
Ord(4692)
Ord(6403)
Ord(2089)
Ord(4848)
Ord(4347)
Ord(2717)
Ord(535)
Ord(2776)
Ord(5296)
Ord(4992)
Ord(4847)
Ord(1768)
Ord(4704)
Ord(3793)
Ord(4667)
Ord(927)
Ord(5193)
Ord(2971)
Ord(1720)
Ord(4075)
Ord(5679)
Ord(4371)
Ord(3313)
Ord(6219)
Ord(2756)
Ord(1131)
Ord(3733)
Ord(798)
Ord(5303)
Ord(5188)
Ord(2546)
Ord(861)
Ord(2810)
Ord(768)
Ord(5949)
Ord(561)
Ord(2809)
Ord(1143)
Ord(5261)
Ord(4829)
Ord(355)
Ord(6372)
Ord(324)
Ord(6451)
Ord(5059)
Ord(3074)
Ord(4942)
Ord(3825)
Ord(4370)
Ord(1989)
Ord(296)
Ord(4254)
Ord(5156)
Ord(3592)
Ord(2507)
LoadRegTypeLib
SysStringLen
SysAllocStringLen
RegisterTypeLib
VariantClear
SysAllocString
LoadTypeLib
SysFreeString
VarUI4FromStr
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetMalloc
ShellExecuteW
SHBrowseForFolderW
SetFocus
RegisterWindowMessageW
GetMessagePos
GetClassInfoExW
wsprintfW
EndPaint
EndDialog
BeginPaint
CallWindowProcW
DefWindowProcW
FindWindowW
ShowWindow
FillRect
SetWindowPos
GetParent
GetDlgItemTextW
SetWindowLongW
IsWindow
EnableWindow
SetCapture
ReleaseCapture
IsWindowEnabled
GetFocus
PostMessageW
GetSysColor
CheckDlgButton
GetDC
GetAsyncKeyState
ReleaseDC
GetProcessDefaultLayout
SendMessageW
RedrawWindow
GetLastActivePopup
GetWindowLongW
SetWindowTextW
GetDlgItem
SetDlgItemTextW
GetWindow
MessageBoxW
IsIconic
ScreenToClient
InvalidateRect
GetClientRect
GetClassNameW
DialogBoxIndirectParamW
GetActiveWindow
IsDlgButtonChecked
CreateAcceleratorTableW
GetWindowTextW
IsChild
GetDesktopWindow
LoadCursorW
LoadIconW
GetWindowTextLengthW
CreateWindowExW
RegisterClassExW
SetForegroundWindow
InvalidateRgn
CharNextW
ExitWindowsEx
DestroyWindow
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
_purecall
__wgetmainargs
malloc
__p__fmode
_ftol
__dllonexit
_cexit
_controlfp
_CxxThrowException
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_c_exit
__p__commode
_onexit
wcslen
wcscmp
exit
_XcptFilter
realloc
__setusermatherr
_adjust_fdiv
_wcmdln
__CxxFrameHandler
_wcsicmp
wcscoll
_exit
wcsncpy
_wmakepath
free
ceil
wcscat
wcsncmp
_wtol
_itow
wcscpy
iswdigit
_initterm
__set_app_type
_wtoi
CoInitializeEx
OleUninitialize
CoTaskMemFree
CoInitialize
OleInitialize
CoRevokeClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc
CLSIDFromProgID
OleLockRunning
StringFromCLSID
CoUninitialize
CoCreateInstance
CLSIDFromString
CoRegisterClassObject
CoTaskMemAlloc
Number of PE resources by type
RT_DIALOG 17
RT_STRING 11
RT_ICON 2
RT_MANIFEST 1
REGISTRY 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 35
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
7.0

ImageVersion
5.1

FileSubtype
0

FileVersionNumber
5.1.2600.1106

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
32768

EntryPoint
0x178b6

OriginalFileName
msconfig.EXE

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
5.1.2600.1106 (xpsp1.020828-1920)

TimeStamp
2002:08:29 09:17:56+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
msconfig.EXE

ProductVersion
5.1.2600.1106

FileDescription
System Configuration Utility

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
112128

ProductName
Microsoft Windows Operating System

ProductVersionNumber
5.1.2600.1106

FileTypeExtension
exe

ObjectFileType
Executable application

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 c574151933a88e69ee08ce6ad0ac37b4
SHA1 56f464ed3b138d75a78414b92e39f624e021923d
SHA256 82e1137d6cfdb678acb616221394720c746bba75f335205bed47e043069fb6ae
ssdeep
3072:Shqj9fPQPkElLxiN+I59VcdV+WmDxfIoWL4HZkTTDTo:Skj9ffEYncdV+WmDjWL

authentihash 102f681d30d7ba727d90711a0ca68c2d31fc527fdd57c78c88e2151ffd11028b
imphash 46cf38498ba14d571e320660a3e027ca
File size 142.0 KB ( 145408 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe nsrl trusted

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with msconfig.exe as its name. The file belongs to the Windows XP Embedded Target Designer product, more specifically in ['SW CD Windows XP Embed Trgt Des EMB #2 Eval OEM'].
VirusTotal metadata
First submission 2009-02-27 22:36:39 UTC ( 8 years, 9 months ago )
Last submission 2017-06-26 19:25:45 UTC ( 5 months, 3 weeks ago )
File names msconfig.EXE
msconfig-{d6a8f809-08f9-4780-9e26-2dc092717c07}-v813556.exe
56f464ed3b138d75a78414b92e39f624e021923d
c574151933a88e69ee08ce6ad0ac37b4
vs551uep.ja9
vs060n92.lne
vs6kgnj5.1ff
vs520os4.gna
sbs_ve_ambr_20150616185228.267_ 115338
vti-rescan
vsdl1t9c.k9d
32.ntv.exe
vsddhehb.g81
vsq515nq.npk
vs181ftp.vns
vsqe0hh7.6uo
DSB66C.dscapture.net_2017-06-26T15.23.41-0400_172.30.200.227-49840_212.27.63.129-80_c574151933a88e69ee08ce6ad0ac37b4_3.exe
msconfig.exe
vs340vn0.kiq
vsbg0h4h.p2t
oi.win32.susp.QW_c574151933a88e69ee08ce6ad0ac37b4
vs5g1gp8.etq
msconfig.exe
C574151933A88E69EE08CE6AD0AC37B4
vs5l03mm.9si
National Software Reference Library (NIST)
The National Software Reference Library (NSRL) is designed to collect software from various sources and incorporate file profiles computed from this software into a reference data set of information. This file was found in the NSRL dataset, in the following products and with the following file names.
Products Windows XP Tablet PC Edition (Microsoft)
Platforms, SDK/DDK (Microsoft)
Windows XP Professional 2002 Service Pack 1 (Microsoft)
MSDN Disc 3264 (Microsoft)
MSDN Disc 2307 (Microsoft)
MSDN Disc 2428.1 (Microsoft)
MSDN Disc 2619 (Microsoft)
Windows XP Professional (Microsoft)
MSDN Disc 2619.1 (Microsoft)
MSDN Disc 2428.2 (Microsoft)
MSDN Disc2428.3 (Microsoft)
MSDN Disc 2428.4 (Microsoft)
2261A: Supporting Users Running the Microsoft Windows XP Operating System (Microsoft)
2262A: Supporting Users Running Applications on a Microsoft Windows XP Operating System (Microsoft)
MSDN Disc 2428.5 (Microsoft)
Microsoft Windows XP Professional (Microsoft)
File names msconfig.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!