The officedeploymenttool 18730 20142 exe Microsoft Corporation File Malware Analysis
Gridinsoft Logo
File Icon

The officedeploymenttool_18730-20142.exe File Analysis

Updated 23 days ago
Checked by Malware Check
officedeploymenttool_18730-20142.exe

Technical Analysis

File Name officedeploymenttool_18730-20142.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.225.174
Database Version 2025-09-20 20:00:24 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
3,801,104
File Size (bytes)
2025-09-20
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
6b9e3c60e36fa145293f477edb9440bf
SHA1
3eb54fbac75e007e8e29fedc08b23e9553f6283d
SHA256
973d0b835ee5400369b6f6221a5d769434d65b724db7f19ccd0afe574dc64f2b
SHA512
67b55e682f3cae8a491da6ae33e62266fad08cea27cea3b3a58e2364d83980ddd66d4b4653a0cc9e0ca27909cb26d8764b2587a128c2fb8d00ad76bc3d636eae
ImpHash
6f30c937f066c7104f9b38f786e04a8b

PE Analysis

Basic Information

Icon
Hash: 7d46f4a81b3d747e911a7afbe2775658
Fuzzy: 962c4e009b0a51701b23c5adbf2f2298
dHash: c1dcdccda6a8cec6
Image Base 0x00400000
Entry Point 0x00420d87
Compilation Time 2025-05-02 23:41:27
Checksum 0x003a8bfc (Actual: 0x003a8bfc)
OS Version 6.1
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path d:\dbs\el\omr\target\x86\ship\ses\x-none\opatchinst.pdb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Digital Signature OK
Imports 1 libraries
KERNEL32
Exports 0 functions
Resources 13 Resources
Sections 6 Sections

Version Information

CompanyName Microsoft Corporation
FileVersion 16.0.18730.20142
LegalTrademarks1 Microsoft® is a registered trademark of Microsoft Corporation.
LegalTrademarks2 Windows® is a registered trademark of Microsoft Corporation.
ProductVersion 16.0.18730.20142
Translation 0x0000 0x04e4
CompanyName Microsoft Corporation
FileDescription
FileVersion 16.0.18730.20142
InternalName
LegalTrademarks1 Microsoft® is a registered trademark of Microsoft Corporation.
LegalTrademarks2 Windows® is a registered trademark of Microsoft Corporation.
OriginalFilename
ProductName
ProductVersion 16.0.18730.20142
Translation 0x0000 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 235,754 bytes 236,032 bytes 6.59 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 2ABB9D17C823B7492AC25B74980FD64F
.rdata 0x0003b000 86,660 bytes 87,040 bytes 5.07 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7CE879CB233C1511B6CB4DAFED0D8A5E
.data 0x00051000 10,908 bytes 8,192 bytes 4.19 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 61E72882BD71163BD713753140DE0FFB
.fptable 0x00054000 128 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x00055000 14,164 bytes 14,336 bytes 4.04 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ A19DDF17CF5D7342D7395925B450D3B5
.reloc 0x00059000 15,984 bytes 16,384 bytes 6.63 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 7DF20CEED71E2199491A776D32A7037C
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 13 (13,375 bytes)
Resource Type Count Total Size Percentage
RT_ICON 2 1,040 bytes
7.8%
RT_DIALOG 6 1,652 bytes
12.4%
RT_RCDATA 1 7,878 bytes
58.9%
RT_GROUP_ICON 1 34 bytes
0.3%
RT_VERSION 2 1,960 bytes
14.7%
RT_MANIFEST 1 811 bytes
6.1%

Certificate Chain Analysis

Certificate Information
File Version 16.0.18730.20142
Signing Date 07:00 AM 05/03/2025 (163 days ago)
Verification Status Signed
Signers Microsoft Corporation; Microsoft Code Signing PCA 2010; Microsoft Root Certificate Authority 2010
Counter Signers Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010
Certificate Chain Summary
Microsoft Corporation #1 Primary
Validity Period: 2024-08-22 19:25:57 → 2025-07-05 19:25:57
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 05 A6 58 10 67 4B 3D 6C 7C F6 00 00 00 00 05 A6
Microsoft Code Signing PCA 2010 #2 Chain
Validity Period: 2010-07-06 20:40:17 → 2025-07-06 20:50:17
Signature Algorithm: sha256RSA
Serial Number: 61 0C 52 4C 00 00 00 00 00 03
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2025-01-30 19:42:58 → 2026-04-22 19:42:58
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 02 0B 11 9D 56 29 92 F9 BF 85 00 01 00 00 02 0B
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware