» 55fd768b40ccf1286dd7555398e4116f2888fb3a
Overview
Analysis
File Details
Downloads (226)

55fd768b40ccf1286dd7555398e4116f2888fb3a

Self-Extracting Cabinet

Microsoft Corporation

File name:

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft® Windows® Operating System

Description:

Self-Extracting Cabinet

Version:

5.1.41212.0

MD5:

621f6c89349d136dd8d95149ec7bf1f3

SHA-1:

55fd768b40ccf1286dd7555398e4116f2888fb3a

SHA-256:

c658baf950f26279dc9115d952edf2426fe1115888ede53ba08cbc9166868c1a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

11/23/2024 3:30:38 PM UTC (today)

File size:

12.6 MB (13,163,744 bytes)

Product version:

5.5.0031.0

Original file name:

SFXCAB.EXE

Language:

English (United States)

Common path:

C:\windows\temp\ltcache\niniteupdates\55fd768b40ccf1286dd7555398e4116f2888fb3a

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

6/4/2015 1:42:45 PM

Valid to:

9/4/2016 1:42:45 PM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

330000010A2C79AED7797BA6AC00010000010A

File PE Metadata

Compilation timestamp:

6/24/2004 8:14:00 PM

OS version:

5.2

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

196608:U7c+oNEP+GmBCEemSp5++olPFq/PZixv3cbRq7h9EASK0rjUiarvi1qq82T/:UXOSeeDO+olP0oxfj7h9EpPQr8qq82T/

Entry address:

0x5892

Entry point:

E9, 68, FA, FF, FF, 8B, 44, 24, 04, EB, 17, 80, F9, 3B, 75, 0C, 84, C9, 74, 14, 40, 8A, 08, 80, F9, 0A, 75, F4, 80, 38, 20, 7F, 09, 40, 8A, 08, 84, C9, 75, E3, 33, C0, C2, 04, 00, 8B, 4C, 24, 04, EB, 05, 84, C0, 74, 11, 41, 8A, 01, 3C, 0A, 75, F5, 41, 51, E8, C0, FF, FF, FF, C2, 04, 00, 33, C0, EB, F9, 53, 8B, 5C, 24, 0C, 56, 8B, 74, 24, 0C, 57, C6, 03, 00, EB, 0C, 56, E8, CB, FF, FF, FF, 8B, F0, 85, F6, 74, 2D, 80, 3E, 5B, 75, EF, 8D, 46, 01, EB, 0A, 84, C9, 74, 1F, 80, F9, 20, 7E, 0A, 40, 8A, 08, 80, F9... 
[+]

Entropy:

7.9999

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

30 KB (30,720 bytes)

The file 55fd768b40ccf1286dd7555398e4116f2888fb3a has been seen being distributed by the following 50 URLs.

http://80.17.2.210/data/7ac1a0d0799aa032/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://indir.gezginler.net/i/4213/343231335f323031372d30312d3036/.../

http://182.190.4.106/data/0784d030454c9fa6/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://68.106.66.116/data/343f90b024c80ec7/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://indir.gezginler.net/i/4213/343231335f323031372d30312d3131/.../

http://microsoft-silverlight.fi.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flqaOop2imJ0=

http://go2.microsoft.com/.../?LinkID=124807

http://indir.gezginler.net/i/4213/343231335f323031362d31302d3136/.../

http://indir.gezginler.net/i/4213/343231335f323031372d30322d3138/.../

http://107.167.222.162/data/8df160a04714bf5e/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://go2.microsoft.com/.../?LinkId=116053&v=5.0.61118.0

http://187.72.248.53/data/ae5570606c2966aa/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://212.131.108.154/data/b5d5505004ea8b9b/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://201.31.162.86/cache/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://softcache.connect.net.pk:443/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://indir.gezginler.net/i/4213/343231335f323031362d30312d3235/x64//

http://download.microsoft.com/download/1/F/6/1F637DB3-8EF9-4D96-A8F1-909DFD7C5E69/.../Silverlight_x64.exe

http://proxy11.policiamilitar.sp.gov.br/4:32400:14400:0000000057fe7005/2682e5ed09cf81691a7625d121b865c3968264be681b598591148986998ade32/1476188105/http://download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://go.microsoft.com/.../?LinkID=149156&v=5.1.10411.0

http://prosperent.com/click/api/linkaffiliator/userId/417234/apikey/8ef3729e11bffc23bdd3637c6257f2f7/sid/5_c3_49592x1346xFbEnch/location/http://adrs.me/bdYPhSaub/url/http://go.microsoft.com/.../?LinkID=229321

http://80.17.2.198/data/6883b0103592908f/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://212.131.124.2/data/965a6080340b3ae6/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

https://start.sykehuspartner.no/f5-w-687474703a2f2f646f776e6c6f61642e6d6963726f736f66742e636f6d$$/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://212.131.124.102/data/54b610306eb3ff74/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://198.207.23.13/data/526df0704503e66f/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://microsoft-silverlight.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPKkUwtc0rZ9Fr5R3jgOVmV2tVr16VWcyxfzNzJE5GUTJEz1xZ6B9QvgBtXWAE9PvUvEN7YJQ8kZfxKzQXjq9FR8NrfsYK92ZEIr0rxvG7gtuqNMNZuUG4/.../FC5usC3eNw02Qq734QOi8S4INefCJakMXALs5QZpl0pZMUGOR HQ9Np0ViAtU4Pm5BU

http://indir.gezginler.net/i/4213/343231335f323031362d31312d3330/.../

http://212.131.108.118/data/d59cf0004a440ba8/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://177.205.9.217/data/aa9ea08059227263/download.microsoft.com/download/5/3/D/53D3880B-25F8-4714-A4AC-E463A492F96E/.../Silverlight_x64.exe

http://indir.gezginler.net/i/4213/343231335f323031362d30392d3032/.../

Latest 30 of 226 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.