home

dotnetframework.exe

Microsoft Systems Management Server Installer

Microsoft Corporation

This is a self-extracting archive and installer. The file has been seen being downloaded from www.acusis.com.
Publisher:
Microsoft Corporation

Product:
Microsoft Systems Management Server Installer

Version:
2.0.148.0

MD5:
612e06a5db991884d1e1f3a8adf5e0bd

SHA-1:
928ae630ce740e0e25c73b10dc7daba034512cc4

SHA-256:
2a918a681abc0e7db58b0b9c78074c50cb731dfaa15e0f2229feaeb5877013b8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:32:54 PM UTC  (today)

File size:
24.9 MB (26,110,716 bytes)

Product version:
2.0.148.0

Copyright:
Copyright (C) Microsoft Corp. 1997-2001

Original file name:
Stub.exe

File type:
Executable application (Win16 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\dotnetframework.exe

File PE Metadata
OS version:
82.13317

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
2.0

CTPH (ssdeep):
393216:O6M5I3PPiOQ8MwfAAsRWuG4SMxoqSEPBFskIhfh/17l7DjVq6+l/YAe3maRqAiP:A4K8MZVF5qnUZmZ17lHBq6+qA4iP

Entry address:
0xDA00D2

Entry point:
4D, 5A, B4, 00, 03, 00, 00, 00, 20, 00, 00, 00, FF, FF, 07, 00, 00, 01, 65, 40, 00, 00, 00, 00, 40, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9999  (probably packed)

Code size:
256 KB (262,146 bytes)

The file dotnetframework.exe has been seen being distributed by the following URL.

http://www.acusis.com/AcusisIndia/ATTACandidateTest/Debug/.../Dotnetframework.exe

Scan dotnetframework.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.