osgs14-windowsupgradeassistant-32bitand64bit-clientsku-4141411.exe

Windows 8.1 Assistant

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from go.redirectingat.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
Windows 8.1 Assistant

Version:
6.3.9600.17085 (winblue_gdr.140330-1035)

MD5:
491d1c5ce5ff9323be55d5c73f80099e

SHA-1:
e44e75492be30ec16edbded81d2b7e3271ca5a51

SHA-256:
9792fd4b81761104659566f52497b873f7e97f2c28450e626caa4e1ae1d7634f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/27/2024 1:16:27 AM UTC  (today)

File size:
6.1 MB (6,431,728 bytes)

Product version:
6.3.9600.17085

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
Windows 8.1 Assistant

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\osgs14-windowsupgradeassistant-32bitand64bit-clientsku-4141411.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
1/24/2013 2:33:39 PM

Valid to:
4/24/2014 3:33:39 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000000B011AF0A8BD03B9FDD0001000000B0

File PE Metadata
Compilation timestamp:
3/30/2014 4:41:25 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
98304:9GcbjhuJtohexcvtNBmCNw3Wnmqk6n6fV+UDlOGHBKrFl4wh7B5AVzsVuze1Gjtq:rbj8vooctNUC0qYc3GAFbnSz9eIjG0q

Entry address:
0x786B

Entry point:
E8, 98, 07, 00, 00, E9, 05, 00, 00, 00, CC, CC, CC, CC, CC, 6A, 58, 68, 18, B1, 40, 00, E8, 56, 08, 00, 00, 33, DB, 89, 5D, E0, 89, 5D, FC, 8D, 45, 98, 50, FF, 15, 6C, D0, 40, 00, C7, 45, FC, FE, FF, FF, FF, C7, 45, FC, 01, 00, 00, 00, 64, A1, 18, 00, 00, 00, 8B, 78, 04, 8B, F3, BA, E4, CB, 40, 00, 8B, CF, 33, C0, F0, 0F, B1, 0A, 85, C0, 74, 07, 3B, C7, 75, 16, 33, F6, 46, 83, 3D, E8, CB, 40, 00, 01, 75, 17, 6A, 1F, E8, C1, 05, 00, 00, 59, EB, 43, 68, E8, 03, 00, 00, FF, 15, 68, D0, 40, 00, EB, C8, 39, 1D...
 
[+]

Entropy:
7.9693  (probably packed)

Code size:
40.5 KB (41,472 bytes)

The file osgs14-windowsupgradeassistant-32bitand64bit-clientsku-4141411.exe has been seen being distributed by the following 50 URLs.

http://go.redirectingat.com/?id=3971X1552461&site=newatlas.com&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=261871&xguid=d12d718aa26e504a91e2171e169e465b&xuuid=e63939abe54cfaa0e810e9df267a7db0&xsessid=e9f8ebd7e3712505c9df61498e3dfe0e&xcreo=0&xed=0&sref=http://newatlas.com/upgrade-windows-7-to-windows-81/29746/&pref=https://.../&xtz=480

https://secure.giga-downloads.de/dl/.../

http://click.linksynergy.com/deeplink?id=je6NUbpObpQ&mid=24542&u1=io0kurzipt0113aq02e0q&murl=http://go.microsoft.com/fwlink/.../?LinkId=261871

https://vnet.christianacare.org/W81S14DL/.../,DanaInfo=web.esd.microsoft.com OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe

https://secure.giga-downloads.de/dl/.../

http://go.redirectingat.com/?id=3971X1552461&site=newatlas.com&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=261871&xguid=a77ecbae533703d523a8c13043f1dba3&xuuid=1c239162c90a099e595dfc4d25889ed6&xsessid=253c21ab63b302d7090137cc6c8a0288&xcreo=0&xed=0&sref=http://newatlas.com/upgrade-windows-7-to-windows-81/29746/&pref=https://.../&xtz=-60

https://secure.giga-downloads.de/dl/.../

https://asistente-para-actualizacion-a-windows-8.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/.../MYWEW0AJZjZ8ty5AbA5I8=

http://go.redirectingat.com/?id=3971X1552461&site=newatlas.com&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=261871&xguid=ac36f1e9dec2df83d9e0cc31739df33b&xuuid=81a082b06b49335296c0549eb95d2b3d&xsessid=8f26b89457c36c0509480cb0f8361653&xcreo=0&xed=0&sref=http://newatlas.com/upgrade-windows-7-to-windows-81/29746/&pref=https://.../&xtz=-60

https://secure.giga-downloads.de/dl/.../

https://secure.giga-downloads.de/dl/.../

https://secure.giga-downloads.de/dl/.../

http://go.redirectingat.com/?id=68756X1529949&site=about.com/espanol&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?LinkId=261871&xguid=6a3baa0b1e95dff2b3fe396ca5ef6122&xuuid=cb8e5830fbe3e8466f98c41cd9488e3f&xsessid=8252d92e9057c1eaafb44194786c9e0d&xcreo=0&xed=0&sref=http://windowsespanol.about.com/od/Windows-8/a/Prevenir-Fallos-Windows-8-1.htm&pref=http://windowsespanol.about.com/od/Windows-8/.../Descargar-Windows-8-1.htm&xtz=360

https://secure.giga-downloads.de/dl/.../

http://wefixitonline.co.uk/.../Windows8.1UpgradeAssistant.exe

https://windows-8-upgrade-assistant.en.softonic.com/download-tracker?th=1/.../Sm GK2tvkuj2NRBh8vkb4ckaE3T58kcMj8AdkTUYbyXj1W4kgA7nJMSZXtqSQQqCf9oUAqJdDhNlE0wxFcxmLZGgqjRX9zJ2pe2vXhw3s=

http://go.redirectingat.com/?id=3971X1552461&site=newatlas.com&xs=1&isjs=1&url=http://go.microsoft.com/fwlink/p/?linkid=261871&xguid=a9c8ffe98e552dbfcb605d267f4c0a0f&xuuid=26536fd522089d3fa2c4bd18003c7cb6&xsessid=6ce0e70b78c5aef2691d39de36662704&xcreo=0&xed=0&sref=http://newatlas.com/upgrade-windows-7-to-windows-81/29746/&pref=https://.../&xtz=-330

https://secure.giga-downloads.de/dl/.../

https://secure.giga-downloads.de/dl/.../

q=http://go.microsoft.com/fwlink/.../?LinkId=261871&redir_token=RJdyWnc_6xntjLZroJbZMKsFAzl8MTQ1MzU4NDgzNUAxNDUzNDk4NDM1

Latest 30 of 56 download URLs