setupproplusretail.x86.en-us.exe

Microsoft Office

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft Office

Description:
Microsoft Office Click-to-Run

Version:
15.0.4745.1000

MD5:
966c29946273d2d13fb70e1919f16616

SHA-1:
e40a15396ebbb4e6e37ff20ec0525aa4822a5e2d

SHA-256:
c3d8145f1023fc6e838e72e6d9444f7562c022bdf1c7ae2b5b235f265370a57c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/15/2024 12:01:12 PM UTC  (today)

File size:
1.1 MB (1,102,520 bytes)

Product version:
15.0.4745.1000

Original file name:
Bootstrapper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setupproplusretail.x86.en-us.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
6/4/2015 10:42:45 AM

Valid to:
9/4/2016 10:42:45 AM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
330000010A2C79AED7797BA6AC00010000010A

File PE Metadata
Compilation timestamp:
7/13/2015 11:59:09 PM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.10

CTPH (ssdeep):
24576:kAdz4S2djzsyPk3Fx1WwYcYX6lPJPP/ssxUG1/LkxjKiX62Wg:kAdz4ScfKZtYXwPdPN3/kXVT

Entry address:
0x5FCFA

Entry point:
E8, 8A, 53, 00, 00, E9, 81, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, 98, 10, 00, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, E4, 12, 40, 00, 57, FF, 35, 68, 94, 4E, 00, FF, D6, FF, 35, 64, 94, 4E, 00, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, B4, 54, 00, 00, 8B, D8, 8D, 47, 04, 59, 3B, D8, 73, 48, B8, 00, 08, 00, 00, 3B, D8, 73, 02, 8B, C3, 03, C3, 3B, C3, 72, 0F, 50, FF, 75, FC, E8, 42, 54, 00, 00, 59, 59, 85, C0, 75, 16, 8D...
 
[+]

Entropy:
6.1762

Code size:
886 KB (907,264 bytes)

The file setupproplusretail.x86.en-us.exe has been seen being distributed by the following 50 URLs.

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235hd982bd9bea05497ebf333192d790f692&receipt_id=844241131&dname=O15.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-GB&id=g506f64303932h7f08f788cda6437d972957d2adb42a29&receipt_id=551731981&dname=O15.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h9b596cc798204f009d89db493869dcc7&receipt_id=865148125&dname=O15.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?TaxRegion=PR&version=O15GA&language=en-US&Source=O15HUP&platform=x86&ProductreleaseID=ProPlusRetail&act=1

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235hfa4fcf8b99b14d8eaab387ce0846baa3&receipt_id=844213165&dname=O15.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&language=en-US&TaxRegion=PR&Source=O15HUP&ProductreleaseID=ProPlusRetail&version=O15GA&platform=x86&token=F4KPJ-6VND9-BC49Y-QT43B-G28QD

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-GB&id=g506f64303931hab92fcb87a7043769e7b205721d544e7&receipt_id=476989012&dname=O15.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h1ac5af8ac341496982f93b48874a2806&receipt_id=865150428&dname=O15.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&Source=O15HUP&Version=O15GA&language=en-us&ProductReleaseID=ProPlusRetail&platform=x86&token=NHPCB-9P7WK-M4YG3-K2474-GXVT3

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h8c1152a15cb74925bde8c69922a3b027&receipt_id=865074837&dname=O15.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234hd1bcf41152a345539f075ab99c56004e&receipt_id=865125373&dname=O15.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?TaxRegion=PR&platform=x86&ProductreleaseID=ProPlusRetail&version=O15GA&Source=O15HUP&act=1&language=en-US&token=DC7QN-C72YP-HXCJ3-D72QB-K7363

https://c2rsetup.officeapps.live.com/.../download.aspx?TaxRegion=PR&platform=x86&ProductreleaseID=ProPlusRetail&version=O15GA&Source=O15HUP&act=1&language=en-US&token=XHYVV-DGN72-RRWTH-T7R7C-4RD63

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&Source=O15HUP&Version=O15GA&language=en-us&ProductReleaseID=ProPlusRetail&platform=x86&token=FXV6D-NK4DY-KJX9J-4FWM3-B96XQ

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235hfabe0ca0438c447997f63dfa62e7d882&receipt_id=844247743&local_only=true&dname=O15.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&Source=O15HUP&Version=O15GA&language=en-us&ProductReleaseID=ProPlusRetail&platform=x86&token=23N4M-YMG4R-8PG4P-TXR63-KKVT3

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303931hf34df0eb781b4b5eb2a863786c09a267&receipt_id=477016573&dname=O15.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&Source=O15HUP&Version=O15GA&language=en-us&ProductReleaseID=ProPlusRetail&platform=x86&token=NYRG8-TKQHM-RDBH8-YG9YW-W42DD

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h97c54de500234a15be7bd592ac57a513&receipt_id=865114369&local_only=true&dname=O15.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234hbec11eb398eb4474866bfc4357de7910&receipt_id=864713328&dname=O15.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=DB&Source=O15HUP&Version=O15GA&language=en-us&ProductReleaseID=ProPlusRetail&platform=x86&token=8N9PX-3RFB8-7V9C4-R36GR-6Q43D

https://c2rsetup.officeapps.live.com/.../download.aspx?TaxRegion=IR&platform=x86&ProductreleaseID=ProPlusRetail&version=O15GA&Source=O15HUP&act=1&language=en-US&token=JKN49-GT3PP-4DGYP-XDHR9-WTWQD

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h90c3dcd0b7a14ad5b01d330796b52a0a&receipt_id=844232712&dname=O15.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-CA&id=g506f643134h4bbc0189369a4d46b377e5800884d01d&receipt_id=577456988&dname=O15.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&Source=O15HUP&Version=O15GA&language=en-us&ProductReleaseID=ProPlusRetail&platform=x86&token=YQ8DB-3NXRQ-8GMCX-D6MMK-3RP9Q

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234hc3f3a40ccb1f48f38ef4810d55304167&receipt_id=865074103&local_only=true&dname=O15.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&Source=O15HUP&Version=O15GA&language=en-us&ProductReleaseID=ProPlusRetail&platform=x86&token=87QMN-PJ3KP-BPPRG-RHQ9M-CWC9Q

Latest 30 of 101 download URLs