OneDriveSetup.exe

Windows Live

Microsoft Corporation

This is installed with Microsoft OneDrive. The file has been seen being downloaded from go.microsoft.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Windows Live

Description:
Microsoft OneDrive Setup

Version:
17.3.4726.0226

MD5:
4e0ea5397212c64154cdcbd0f3710a8a

SHA-1:
11da80aa10607f9efe55cb68e796a1d677b95995

SHA-256:
035c098ee2b4f6254c76e09a7f52e912aee0781aa470b1094b55a2ee2be8c72a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/23/2024 10:22:45 AM UTC  (today)

File size:
6.9 MB (7,210,656 bytes)

Product version:
17.3.4726.0226

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
OneDriveSetup.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\bitd68.tmp

Digital Signature
Authority:
Microsoft Corporation

Valid from:
4/22/2014 10:39:00 AM

Valid to:
7/22/2015 10:39:00 AM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000000CA6CD5321235C4E1550001000000CA

File PE Metadata
Compilation timestamp:
2/26/2015 1:23:53 AM

OS version:
6.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
196608:RVzmTWwfK5GU3RbkBDBAGWktMXilXoEIxHnyws:GCwfSp3aBNAVtX6oEd3

Entry address:
0x1ED1C

Entry point:
E8, 56, 35, 00, 00, E9, 81, FE, FF, FF, CC, CC, CC, CC, CC, E9, EA, 39, 00, 00, CC, CC, CC, CC, CC, FF, 35, F0, 1C, 4A, 00, FF, 15, F0, 82, 4A, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, B7, 2C, 00, 00, 6A, 01, 6A, 00, E8, 00, 3A, 00, 00, 83, C4, 0C, E9, 1C, 3A, 00, 00, CC, CC, CC, CC, CC, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, D4, 3C, 00, 00, 59, 85, C0, 74, 0F, FF, 75, 08, E8, 30, 3C, 00, 00, 59, 85, C0, 74, E6, C9, C3, 6A, 01, 8D, 45, FC, 50, 8D, 4D, F0, C7, 45, FC, 50, 14, 40, 00, E8, BE, 22, 00...
 
[+]

Entropy:
7.8656  (probably packed)

Code size:
623.5 KB (638,464 bytes)

The file OneDriveSetup.exe has been discovered within the following program.

Microsoft OneDrive  by Microsoft Corporation
OneDrive is a file hosting service that allows users to upload and sync files to a cloud storage and then access them from a Web browser or their local device.
onedrive.live.com/about/en-us
6% remove it
 
Powered by Should I Remove It?

The file OneDriveSetup.exe has been seen being distributed by the following 46 URLs.

http://go.microsoft.com/.../?LinkID=248256&clcid=0x419

http://www.softsalad.ru/.../06b52ee51c76d07e09aeea92088fbe83

temp:OneDriveSetup.exe

Latest 30 of 46 download URLs