home

setup.exe

Microsoft Setup Bootstrapper

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft Setup Bootstrapper

Version:
14.0.4755.1000

MD5:
f6ab7387545ccca0431dcf89bb0de8cb

SHA-1:
3aa1ce0df7a49ebf57186ea3477514fa21dd5b58

SHA-256:
916946889ad9dd85b54c0e680c957d09269efaddff57385289bc0fb3086fb0f9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/30/2024 9:10:43 AM UTC  (today)

File size:
1.3 MB (1,377,656 bytes)

Product version:
14.0.4755.1000

Copyright:
© 2010 Microsoft Corporation. All rights reserved.

Original file name:
setup.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
12/7/2009 4:40:29 PM

Valid to:
3/7/2011 4:40:29 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6101CF3E00000000000F

File PE Metadata
Compilation timestamp:
3/10/2010 10:46:17 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:OyDBDN0vbfvfhhSVvnB1diKLHH7rKf8YmylcH+zFUib8I7XHgZwKhJAeCGRcAlpt:n0Dfh6HHfKnE+RUi/LHgZJJkbipjZSMP

Entry address:
0x49320

Entry point:
48, 83, EC, 28, E8, DF, 45, 00, 00, 48, 83, C4, 28, E9, 12, FE, FF, FF, 90, 90, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 30, 49, 8B, D9, 49, 8B, F0, 48, 8B, FA, 4D, 85, C9, 75, 04, 33, C0, EB, 66, 48, 85, C9, 75, 25, E8, A5, 46, 00, 00, BB, 16, 00, 00, 00, 48, 83, 64, 24, 20, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 89, 18, E8, D1, 03, 00, 00, 8B, C3, EB, 3C, 4D, 85, C0, 74, 12, 48, 3B, D3, 72, 0D, 4C, 8B, C3, 48, 8B, D6, E8, FC, 07, 00, 00, EB, BB, 4C, 8B, C2, 33, D2, E8, D4, 11, 00, 00...
 
[+]

Entropy:
6.3922

Code size:
481.5 KB (493,056 bytes)

The file setup.exe has been seen being distributed by the following 20 URLs.

https://doc-0o-ac-docs.googleusercontent.com/docs/securesc/ab157sl16jbksf7fbuclg7mf9hp7vdgt/dt93qe2orrdnn5ect6e8skri4c5oabti/1469944800000/.../00804288520022091571/0B5QG4bvbSpMMYmJaWG9FZ0Y5ZnM?e=download

https://doc-00-5s-docs.googleusercontent.com/docs/securesc/ivi0on1ldi4p7ln3rf7qvltda7inksa6/gldftt25u7gkosn230p2o780qm18dalb/1475949600000/06696008769912213322/.../0BzcUwE-w4274VFBPdWM1LVVtWGM?e=download

https://jbgye-my.sharepoint.com/personal/driveram_jbgye_org_ec/Documents/Office/.../setup.exe

http://www.lpcloudsvr406.com/.../Setup.exe

https://dl-web.dropbox.com/get/office 2010/.../setup.exe

https://jmn-my.sharepoint.com/personal/phillipe_missoesnacionais_org_br/Documents/OneDrive/.../setup.exe

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=302&strRemarks=Sample remarks

http://172.25.172.56:7799/Software/Project Professional 2010 with Service Pack 1 (x86 and x64) - DVD (English)/.../setup.exe

ftp://192.168.2.250/YEDEK PROGRAMLAR/OFFICE2010/.../setup.exe

https://drive.google.com/uc?id=0B4eip1Xy4lq4RElKM00yZXRFSGM&export=download

http://s5.histats.com/stats/r.php?469053&100&30350&urlr=&www.sunuradiotv.com/.../setup.exe

https://drive.google.com/uc?id=0BxrCk2FhF7-nQk8yOHVKS2o1X0k&export=download

https://www.dropbox.com/sh/cobly373vw7bmz5/.../setup.exe

http://dl.windowsfileviewer.com/v2/click/.../

https://mega.nz/persistent/.../pocFFLBA

ftp://dl.sbu.ac.ir/Programs & Tools/OFFICE/.../setup.exe

ftp://smftp.sundarammutual.com/sbfs/.../setup.exe

temp:setup.exe

https://dl-web.dropbox.com/get/Microsoft Office/.../setup.exe

http://www.murgee.com/auto-clicker/.../setup.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.