home

osgs14-windowssetupbox-32bitand64bit-english-4141408.exe

Windows 8.1 Assistant

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from go.redirectingat.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
Windows 8.1 Assistant

Version:
6.3.9600.17085 (winblue_gdr.140330-1035)

MD5:
26a952bf8de88d2fe1f0c5aab51ec21e

SHA-1:
382addf27754d3577494bdfa3cac1ba8309b31fc

SHA-256:
5436e779575647dbafea0667eb41bd88813a95bcaaac485665b12dd35d042d9c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/24/2024 12:22:52 AM UTC  (today)

File size:
6.1 MB (6,431,728 bytes)

Product version:
6.3.9600.17085

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
Windows 8.1 Assistant

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
1/24/2013 2:33:39 PM

Valid to:
4/24/2014 3:33:39 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000000B011AF0A8BD03B9FDD0001000000B0

File PE Metadata
Compilation timestamp:
3/30/2014 4:41:25 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
98304:vGcbjhuJtohexcvtNBmCNw3Wnmqk6n6fV+UDlOGHBKrFl4wh7B5AVzsVuze1Gjty:tbj8vooctNUC0qYc3GAFbnSz9eIjG0y

Entry address:
0x786B

Entry point:
E8, 98, 07, 00, 00, E9, 05, 00, 00, 00, CC, CC, CC, CC, CC, 6A, 58, 68, 18, B1, 40, 00, E8, 56, 08, 00, 00, 33, DB, 89, 5D, E0, 89, 5D, FC, 8D, 45, 98, 50, FF, 15, 6C, D0, 40, 00, C7, 45, FC, FE, FF, FF, FF, C7, 45, FC, 01, 00, 00, 00, 64, A1, 18, 00, 00, 00, 8B, 78, 04, 8B, F3, BA, E4, CB, 40, 00, 8B, CF, 33, C0, F0, 0F, B1, 0A, 85, C0, 74, 07, 3B, C7, 75, 16, 33, F6, 46, 83, 3D, E8, CB, 40, 00, 01, 75, 17, 6A, 1F, E8, C1, 05, 00, 00, 59, EB, 43, 68, E8, 03, 00, 00, FF, 15, 68, D0, 40, 00, EB, C8, 39, 1D...
 
[+]

Entropy:
7.9693  (probably packed)

Code size:
40.5 KB (41,472 bytes)

The file osgs14-windowssetupbox-32bitand64bit-english-4141408.exe has been seen being distributed by the following 31 URLs.

http://go.redirectingat.com/?id=1402X558040&site=tomshardware.co.uk&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=271128&xguid=84856325af64f922688b91743758edbc&xuuid=9d752c06c7782c5234cda0ded845bb31&xsessid=c63ded7b8a3dab1a09692cd2bdcdc27d&xcreo=0&xed=0&sref=http://www.tomshardware.co.uk/answers/id-1800781/windows-iso-file.html&pref=https://.../&xtz=-180

http://www.tamindir.com/indir/MjAxNy0wMS0yNiAxNDo0NzowMA==/windows-81-yukleme-medyasi-olusturma-araci/windows/.../

http://click.linksynergy.com/deeplink?id=je6NUbpObpQ&mid=24542&u1=iv1ya5c46s000a1702e0q&murl=http://go.microsoft.com/fwlink/.../?linkid=271128

http://click.linksynergy.com/deeplink?id=je6NUbpObpQ&mid=24542&u1=irmqe49070000a1702e0q&murl=http://go.microsoft.com/fwlink/.../?linkid=271128

http://go.redirectingat.com/?id=1402X558040&site=tomshardware.co.uk&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=271128&xguid=f2829b1b0ff9edf35a348fec20a00490&xuuid=bdb84d76d2cebc820b4ce111ec0857dc&xsessid=c12b6effef4869928705a2490fb5c219&xcreo=0&xed=0&sref=http://www.tomshardware.co.uk/answers/id-1800781/windows-iso-file.html&pref=https://.../&xtz=-60&abp=1

http://click.linksynergy.com/deeplink?id=je6NUbpObpQ&mid=24542&u1=iwiloggrro000a1702e0q&murl=http://go.microsoft.com/fwlink/.../?linkid=271128

http://click.linksynergy.com/deeplink?id=je6NUbpObpQ&mid=24542&u1=it250bk8n8000a1702e0q&murl=http://go.microsoft.com/fwlink/.../?linkid=271128

http://click.linksynergy.com/deeplink?id=je6NUbpObpQ&mid=24542&u1=imhfed8z68000a1702e0q&murl=http://go.microsoft.com/fwlink/.../?linkid=271128

http://go.redirectingat.com/?id=1402X558040&site=tomshardware.co.uk&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=271128&xguid=7f655c060a878c07c11ba7865e8f68fc&xuuid=eb229134048b024a2fda003dbdf991eb&xsessid=13a22e1b159e3c142530545d22c1039b&xcreo=0&xed=0&sref=http://www.tomshardware.co.uk/answers/id-1800781/windows-iso-file.html&pref=https://.../&xtz=-120

http://www.tamindir.com/indir/MjAxNi0xMC0wNyAyMDoxNzo1OA==/windows-81-yukleme-medyasi-olusturma-araci/windows/.../

http://go.redirectingat.com/?id=1402X558040&site=tomshardware.co.uk&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=271128&xguid=1433fd9d4aa24066c4888264508bfdc8&xuuid=a20d25553decca2e11ee6c24dcada88e&xsessid=1398a0137bdcc99de65a6d0775b2f92f&xcreo=0&xed=0&sref=http://www.tomshardware.co.uk/answers/id-1800781/windows-iso-file.html&pref=https://.../&xtz=-120

http://click.linksynergy.com/deeplink?id=je6NUbpObpQ&mid=24542&u1=iuiysorzgf000a1702e0q&murl=http://go.microsoft.com/fwlink/.../?linkid=271128

https://aka.ms/Win81ISO

http://winbanquyen.com/.../WindowsSetupBox81.exe

http://go.skimresources.com/?id=1402X558040&site=tomshardware.co.uk&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=271128&xguid=&xuuid=1a5472ecf0a6eaf11bc239ffad35faba&xsessid=&xcreo=0&xed=0&sref=http://www.tomshardware.co.uk/answers/id-1800781/windows-iso-file.html&pref=https://.../&xtz=-60&abp=1

temp:OSGS14-WindowsSetupBox-32bitand64bit-English-4141408.exe

http://click.linksynergy.com/deeplink?id=je6NUbpObpQ&mid=24542&u1=igrcgjpfcj000a1702e0q&murl=http://go.microsoft.com/fwlink/.../?linkid=271128

http://go.redirectingat.com/?id=1402X558040&site=tomshardware.co.uk&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=271128&xguid=608f196fc57f4ce7d74d56d2de2f38a9&xuuid=6d803a0296fcd83dc1bfb58f52bffa05&xsessid=31418d481a6af395a26e0e2a27b2ec35&xcreo=0&xed=0&sref=http://www.tomshardware.co.uk/answers/id-1800781/windows-iso-file.html&pref=https://.../&xtz=-120&abp=1

https://onedrive.live.com/.../ln2APGn14dP29iuD jl8KEB2z RZv0=9

http://click.linksynergy.com/deeplink?id=XdSn0e3h3*k&mid=24542&u1=412831M1M151226073355WKA&murl=http://go.microsoft.com/fwlink/.../?LinkId=271128

http://api.viglink.com/api/click?format=go&jsonp=vglnk_143277366288012&key=984ed3ed6aa9a69986f88d56d10e7616&libId=ia7g9uaq01000a17000DAf8boqzu3&loc=http://www.tomshardware.com/answers/id-1800781/windows-iso-file.html&v=1&out=http://go.microsoft.com/fwlink/.../?linkid=271128&ref=https://www.google.com.au/&title=I need a windows 8 ISO file [Solved] - Windows 8 - Windows 8&txt=http://go.microsoft.com/fwlink/.../?linkid=271128

http://api.viglink.com/api/click?format=go&jsonp=vglnk_143333822529411&key=984ed3ed6aa9a69986f88d56d10e7616&libId=iagskjm401000a17000DLbt6hzbgh&loc=http://www.tomshardware.com/answers/id-1800781/windows-iso-file.html&v=1&out=http://go.microsoft.com/fwlink/.../?linkid=271128&ref=https://www.google.com/&title=I need a windows 8 ISO file [Solved] - Windows 8 - Windows 8&txt=http://go.microsoft.com/fwlink/.../?linkid=271128

http://api.viglink.com/api/click?format=go&jsonp=vglnk_14290788374408&key=984ed3ed6aa9a69986f88d56d10e7616&libId=i8icmxr501000a17000DAjesqu8fe&loc=http://www.tomshardware.com/answers/id-1800781/windows-iso-file.html&v=1&out=http://go.microsoft.com/fwlink/.../?linkid=271128&ref=https://www.google.ca/&title=I need a windows 8 ISO file [Solved] - Windows 8 - Windows 8&txt=http://go.microsoft.com/fwlink/.../?linkid=271128

http://go.microsoft.com/fwlink/.../?LinkId=271128&wt.mc_id=&oemreferralid=&source=msstore&accountcountry=CA&locale=en-US

http://api.viglink.com/api/click?format=go&jsonp=vglnk_14154296665289&key=984ed3ed6aa9a69986f88d56d10e7616&libId=610a8609-9020-4154-89ed-0014cf4e56db&loc=http://www.tomshardware.com/answers/id-2116700/legitimate-key-media-pro-iso.html&v=1&out=http://go.microsoft.com/fwlink/.../?linkid=271128&ref=http://www.tomshardware.com/answers/id-2362224/legitimate-copy-windows-pro.html&title=Help - I have a legitimate key but no media! Where do I get an 8.1 Pro ISO? [Solved] - ISO - Windows 8&txt=http://go.microsoft.com/fwlink/.../?linkid=271128

http://go.microsoft.com/.../?LinkID=271128

http://go.microsoft.com/fwlink?LinkID=271128

https://go.microsoft.com/fwlink/.../?linkid=271128

http://aka.ms/Win81ISO

http://web.esd.microsoft.com/W81S14DL/.../OSGS14-WindowsSetupBox-32bitand64bit-English-4141408.exe

Latest 30 of 31 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.