misetupfullpackage.exe

MiSetup Module

Xiaomi Technology Inc

This is a setup and installation application. The file has been seen being downloaded from bigota.d.miui.com.
Publisher:
北京小米移动软件有限公司  (signed by Xiaomi Technology Inc)

Product:
MiSetup Module

Version:
2,2,0,7241

MD5:
62d3bd3427038a67ea8772972da1f82f

SHA-1:
cb2d53dcbfa068ebd0a90840604cbfdb9b9f1413

SHA-256:
07dbfaec853a50bbbe41003426c03b5bf5341610ad9705ac58f02da0ca7018b4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 1:24:29 PM UTC  (today)

File size:
39 MB (40,904,216 bytes)

Product version:
2,2,0,7241

Copyright:
Copyright 2012

Original file name:
MiSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\misetupfullpackage.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
7/15/2015 8:00:00 AM

Valid to:
7/28/2018 7:59:59 AM

Subject:
CN=Xiaomi Technology Inc, O=Xiaomi Technology Inc, L=Beijing, S=Beijing, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
42E8AE1425ABF510A0EFCDE3844200CF

File PE Metadata
Compilation timestamp:
7/24/2015 12:00:11 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
786432:bVN0cJzn6lQkvee/RSwOyMxnPPS5bcCkPIYtoJ2UBziCA6GDXVbIKfW:bV+cVnjkGe/TONJPPUbDR0u1iPDlU

Entry address:
0x122B52

Entry point:
E8, 65, 23, 01, 00, E9, 7F, FE, FF, FF, 6A, 0C, 68, D8, 69, 5E, 00, E8, 58, C6, 00, 00, 33, FF, 89, 7D, E4, 33, C0, 8B, 75, 0C, 85, F6, 0F, 95, C0, 85, C0, 75, 18, E8, E5, 2F, 00, 00, C7, 00, 16, 00, 00, 00, E8, A2, A8, 00, 00, 83, C8, FF, E9, B6, 00, 00, 00, 56, E8, 64, 01, 00, 00, 59, 89, 7D, FC, F6, 46, 0C, 40, 75, 71, 56, E8, 1A, 0C, 00, 00, 59, 8B, D0, 83, FA, FF, 74, 19, 83, FA, FE, 74, 14, 8B, CA, C1, F9, 05, 83, E0, 1F, C1, E0, 06, 03, 04, 8D, C0, 6A, 5F, 00, EB, 05, B8, 18, B0, 5E, 00, F6, 40, 24...
 
[+]

Code size:
1.5 MB (1,570,304 bytes)

The file misetupfullpackage.exe has been seen being distributed by the following URL.

Scan misetupfullpackage.exe - Powered by Reason Core Security