» bingbarsetup-partner.exe
Overview
Analysis
File Details
Downloads (33)

bingbarsetup-partner.exe

BingBarSetup-Partner

Microsoft Corporation

This is a self-extracting archive and installer. The file has been seen being downloaded from 103.1.138.206 and multiple other hosts.

File name:

bingbarsetup-partner.exe

Publisher:

Microsoft Corporation (signed and verified)

Product:

BingBarSetup-Partner

Version:

7.1.362.0

MD5:

509842ccc1f9e1dcbe3a0e7a4d7d3cdf

SHA-1:

bde4ef6997279ef20509a99d4c97ba79fa9abc94

SHA-256:

b02002cdab805f1180632ab1706c4a47e9c548b9bfabbe5469fd56f61e51c3c1

Scanner detections:

1 / 68

Status:

Clean (1 false positive detection)
Whitelisted (by digital signature)

Analysis date:

11/23/2024 10:16:57 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Bing.Toolbar (L)

16.4.25.21

File size:

7.5 MB (7,850,088 bytes)

Product version:

7.1.362.0

Original file name:

WEXTRACT.EXE .MUI

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\bingbarsetup-partner.exe

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

7/26/2012 10:50:41 PM

Valid to:

10/26/2013 10:50:41 PM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

3300000088590E3C511FE26A67000100000088

File PE Metadata

Compilation timestamp:

7/14/2009 1:42:43 AM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

196608:/Of//4jNsSWHXNMmjBTt1d+WB6EHt+PgJtSNzUB9poX:/EXa3kVNB+WB6GINgB9poX

Entry address:

0x6AF8

Entry point:

E8, 1C, 06, 00, 00, E9, 4D, FD, FF, FF, CC, CC, CC, CC, CC, 3B, 0D, C4, C2, 00, 01, 75, 03, C2, 00, 00, E9, 98, 06, 00, 00, CC, CC, CC, CC, CC, FF, 25, 74, 12, 00, 01, CC, CC, CC, CC, CC, CC, FF, 25, 70, 12, 00, 01, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 04, 2B, C8, 1B, C0, F7, D0, 23, C8, 8B, C4, 25, 00, F0, FF, FF, 3B, C8, 72, 0A, 8B, C1, 59, 94, 8B, 00, 89, 04, 24, C3, 2D, 00, 10, 00, 00, 85, 00, EB, E9, CC, CC, CC, CC, CC, 53, 56, 57, 8B, 54, 24, 10, 8B... 
[+]

Code size:

43 KB (44,032 bytes)

The file bingbarsetup-partner.exe has been seen being distributed by the following 33 URLs.

http://103.1.138.206/download.microsoft.com/download/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://103.3.32.206/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://201.48.251.11/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://27.123.130.139/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://113.171.226.36/msupdate-hijack/id/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE/original/download.microsoft.com/download/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://113.171.224.21/msupdate-hijack/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://202.171.252.11:9999/download.microsoft.com/download/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://105.232.255.252/cache/download.microsoft.com/download/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://203.114.101.229/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://178.207.16.89/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://223.196.114.204/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://113.171.224.176/.../BingBarSetup-Partner.EXE

http://103.1.138.203/download.microsoft.com/download/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://190.254.219.37/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://200.117.237.3/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://125.39.66.163/files/800900000002DFB3/download.microsoft.com/download/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://softcache.connect.net.pk:443/download/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://201.48.127.3/msupdate-hijack/id/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE/original/download.microsoft.com/download/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://118.175.9.83/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://118.175.9.117/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://113.171.224.244/.../BingBarSetup-Partner.EXE

http://118.175.9.2/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://203.114.101.244/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://118.175.9.154/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://118.175.9.37/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://203.114.101.213/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://118.175.9.99/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://[2600:1012:b04c:255f:357c:56a4:a:6e56]:8181/http://download.microsoft.com/download/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://118.175.9.67/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

http://118.175.9.51/msupdate/B/B/7/BB7E57AB-CBEC-41E4-8083-5E32539DBFD0/DirectX/.../BingBarSetup-Partner.EXE

Latest 30 of 33 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.