setupproplusretail.x86.en-us.exe

Microsoft Office 2016

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft Office 2016

Description:
Microsoft Office

Version:
16.0.6326.1022

MD5:
116d9c8dd3884910cb01c6bb7c6dd2bd

SHA-1:
1b517ba8e4cc00b5c269651f05c55967afd392a9

SHA-256:
850d8c7b66e5d2d876cc34edb95297fad19dd806ac2fa88dffaae285edcacd13

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/15/2024 11:54:35 AM UTC  (today)

File size:
3.1 MB (3,202,248 bytes)

Product version:
16.0.6326.1022

Original file name:
Bootstrapper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setupproplusretail.x86.en-us.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
6/5/2015 3:42:45 AM

Valid to:
9/5/2016 3:42:45 AM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
330000010A2C79AED7797BA6AC00010000010A

File PE Metadata
Compilation timestamp:
1/16/2016 10:06:49 PM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
49152:lqinXKDarxu/m4hwE3JKukhLKzbk7QKciXphWnYYJNTlju3VyjwYWlkssvNEOXgD:8CKDaFUhwIKukJFPciXpARwY2sT

Entry address:
0x109861

Entry point:
E8, 93, 12, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, 48, 3C, 03, C8, 0F, B7, 41, 14, 8D, 51, 18, 03, D0, 0F, B7, 41, 06, 6B, F0, 28, 03, F2, 3B, D6, 74, 19, 8B, 4D, 0C, 3B, 4A, 0C, 72, 0A, 8B, 42, 08, 03, 42, 0C, 3B, C8, 72, 0C, 83, C2, 28, 3B, D6, 75, EA, 33, C0, 5E, 5D, C3, 8B, C2, EB, F9, E8, D1, 16, 00, 00, 85, C0, 75, 03, 32, C0, C3, 64, A1, 18, 00, 00, 00, 56, BE, E0, D1, 65, 00, 8B, 50, 04, EB, 04, 3B, D0, 74, 10, 33, C0, 8B, CA, F0, 0F, B1, 0E, 85, C0, 75, F0, 32, C0, 5E, C3, B0...
 
[+]

Entropy:
6.5661

Code size:
1.5 MB (1,579,520 bytes)

The file setupproplusretail.x86.en-us.exe has been seen being distributed by the following 50 URLs.

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h1c6f32e0ee024156b147217f7d1a9582&receipt_id=844862885&local_only=true&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=N2FQ8-GJXJP-RBFFP-642MX-8QKX7

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-GB&id=g506f64303931h69e207d8e8ae415d866a0a52238fc6a9&receipt_id=477647180&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f6436hc4c2b58d08d04135b1b8febc4870390f&receipt_id=111939919&local_only=true&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h779ba3ef78d1446cb5977ee8fe0f7391&receipt_id=844849314&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h0655e58ca5414067b4a47642c3e162bb&receipt_id=844866205&local_only=true&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=VP66N-6YXW6-XDVWT-MJDV6-H8RHH

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235hb0b195ffeff54e198cec9eae89c52fcb&receipt_id=844852922&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303932h0454397f130e4c50a56eefc69efe4088&receipt_id=552373911&local_only=true&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h99b9d91c435a4aa1a91e780c23d3e95d&receipt_id=844866426&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-CA&id=g506f64303931he4d54300ce02435c99c6f87678ba6ff7&receipt_id=477662723&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h9f4fdad0d61e4fbe85c3c36ecc2478a9&receipt_id=844502368&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h4e94e32787dc459595ae0c58fe2b09ac&receipt_id=865730507&local_only=true&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h5f892131fbeb4aaf81d5a035d2582d5e&receipt_id=865470999&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=GNB6Y-FYPR2-R3449-4Y9Y6-YG9X7

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-CA&id=g506f64303932h8d085978fb93463b97a74f98b7904bc1&receipt_id=552360358&local_only=true&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234hb7e481af3bcc431887e36b6b51d93673&receipt_id=865725980&local_only=true&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h487fe85130954508b277564c710dc6ba&receipt_id=865730644&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h89e3f74bfff84f9fb3c978d2a4d0d61f&receipt_id=865731242&local_only=true&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-GB&id=g506f64303932hdcafa45f994541f5903aef869bf60004&receipt_id=552361430&local_only=true&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?TaxRegion=PR&platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16HUP&act=1&language=en-US&token=gmbnp-v3tgc-v6vd8-6c7yg-wxcqv

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=GQXN2-WTK64-JPTXP-QV3H7-KHJ3V

https://c2rsetup.officeapps.live.com/.../download.aspx?TaxRegion=IR&platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16HUP&act=1&language=en-US&token=9N4H9-VY4PT-THDCB-8XDF7-7QW3V

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-CA&id=g506f64303931hebaf9a111fd04e91984e54cb7fef51a5&receipt_id=477406434&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h7551c72f436a4b39b9ca33602e3d2b4a&receipt_id=865263501&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=4XCXT-YN3GD-RD3BB-G9J2B-XBT97

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=7NKTF-9WPKC-FCJHJ-FTD3H-2R4HH

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=MT8NQ-JXFGV-HKVKK-C46YJ-Q69X7

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-GB&id=g506f64303931ha11142277f344155ab5e5822c6611d78&receipt_id=477679022&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h56e2a85f7bb34469a0bbe95d097c6bf7&receipt_id=844872410&dname=O16.download.name.32

Latest 30 of 133 download URLs