| Info |
Interesting strings found in the binary: |
Contains domain names:
- .devicedns.live.com
- .live.com
- account.live.com
- account.microsoft.com
- atdmt.com
- c.live.com
- c.msn.com
- clientconfig.passport.net
- devicedns.live.com
- go.microsoft.com
- http://clientconfig.passport.net
- http://clientconfig.passport.net/ppcrlcheck.xml
- http://clientconfig.passport.net/ppcrlconfig.srf
- http://go.microsoft.com
- http://go.microsoft.com/fwlink/?LinkId
- http://go.microsoft.com/fwlink/p/?LinkId
- http://login.live.com
- http://login.live.com/hp.srf?format
- http://schemas.microsoft.com
- http://schemas.microsoft.com/Passport/PPCRL
- http://sqm.microsoft.com
- http://sqm.microsoft.com/sqm/WindowsLive/sqmserver.dll
- http://www.microsoft.com
- http://www.microsoft.com/account/default.aspx
- http://www.w3.org
- http://www.w3.org/2000/09/xmldsig#
- https://account.live.com
- https://account.live.com/InlineSignup.aspx?iww
- https://account.live.com/Wizard/Password/Change?id
- https://account.live.com/inlinesignup.aspx?iww
- https://account.live.com/msangcwam
- https://account.microsoft.com
- https://account.microsoft.com/?ref
- https://go.microsoft.com
- https://go.microsoft.com/fwlink/?LinkId
- https://login.live.com
- https://login.live.com/ApproveSession.srf
- https://login.live.com/IfExists.srf?uiflavor
- https://login.live.com/ListSessions.srf
- https://login.live.com/ManageApprover.srf
- https://login.live.com/ManageLoginKeys.srf
- https://login.live.com/RST.srf
- https://login.live.com/RST2.srf
- https://login.live.com/didtou.srf
- https://login.live.com/getrealminfo.srf
- https://login.live.com/getuserrealm.srf
- https://login.live.com/ppsecure/DeviceAssociate.srf
- https://login.live.com/ppsecure/DeviceDisassociate.srf
- https://login.live.com/ppsecure/DeviceQuery.srf
- https://login.live.com/ppsecure/DeviceUpdate.srf
- https://login.live.com/ppsecure/EnumerateDevices.srf
- https://login.live.com/ppsecure/GetUserKeyData.srf
- https://login.live.com/ppsecure/InlineClientAuth.srf
- https://login.live.com/ppsecure/InlineConnect.srf?id
- https://login.live.com/ppsecure/InlineDesktop.srf
- https://login.live.com/ppsecure/InlineLogin.srf?id
- https://login.live.com/ppsecure/InlinePOPAuth.srf?id
- https://login.live.com/ppsecure/ResolveUser.srf
- https://login.live.com/ppsecure/SHA1Auth.srf
- https://login.live.com/ppsecure/deviceaddcredential.srf
- https://login.live.com/ppsecure/devicechangecredential.srf
- https://login.live.com/ppsecure/deviceremovecredential.srf
- https://login.live.com/resetpw.srf
- https://login.live.com/retention.srf
- https://signup.live.com
- https://signup.live.com/signup.aspx
- login.live.com
- microsoft.com
- office.live.com
- passport.net
- ppauthz.com
- schemas.microsoft.com
- signup.live.com
- sqm.microsoft.com
- windowsmarketplace.com
- workspace.office.live.com
- www.microsoft.com
- www.w3.org
|
| Suspicious |
The PE is possibly packed. |
The PE only has 0 import(s).
|
| Info |
The PE is digitally signed. |
Signer: Microsoft Corporation
Issuer: Microsoft Code Signing PCA 2010
|
| Safe |
VirusTotal score: 0/67 (Scanned on 2021-04-16 01:42:36) |
All the AVs think this file is safe.
|