home

silverlight.exe

Self-Extracting Cabinet

Microsoft Corporation

This is a setup program which is used to install the application. This is installed with Windows Internet Explorer 8. The file has been seen being downloaded from forumkomputerswiat.digidip.net and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
Self-Extracting Cabinet

Version:
4.1.10329.0

MD5:
30dafa3816b53b576436d841d163f8dc

SHA-1:
3323ab770f6e8bc9fb516be60610657b68a3d1af

SHA-256:
b0e476090206b2e61ba897de9151a31e0182c0e62e8abd528c35d3857ad6131c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/23/2024 2:51:36 PM UTC  (today)

File size:
6 MB (6,286,448 bytes)

Product version:
5.5.0031.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
SFXCAB.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\silverlight.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
10/10/2011 11:32:25 PM

Valid to:
1/10/2013 10:32:25 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6119CC93000100000066

File PE Metadata
Compilation timestamp:
6/25/2004 3:14:00 AM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
98304:1RlGuLFDVqe1DUb/6EbE3KZZbr+UjfUVn02GZeKzZlw6P0Xt/ykgJ5ck9Mt7Y:1jGISbSEAubRfyywpXt6R9Mt7Y

Entry address:
0x5892

Entry point:
E9, 68, FA, FF, FF, 8B, 44, 24, 04, EB, 17, 80, F9, 3B, 75, 0C, 84, C9, 74, 14, 40, 8A, 08, 80, F9, 0A, 75, F4, 80, 38, 20, 7F, 09, 40, 8A, 08, 84, C9, 75, E3, 33, C0, C2, 04, 00, 8B, 4C, 24, 04, EB, 05, 84, C0, 74, 11, 41, 8A, 01, 3C, 0A, 75, F5, 41, 51, E8, C0, FF, FF, FF, C2, 04, 00, 33, C0, EB, F9, 53, 8B, 5C, 24, 0C, 56, 8B, 74, 24, 0C, 57, C6, 03, 00, EB, 0C, 56, E8, CB, FF, FF, FF, 8B, F0, 85, F6, 74, 2D, 80, 3E, 5B, 75, EF, 8D, 46, 01, EB, 0A, 84, C9, 74, 1F, 80, F9, 20, 7E, 0A, 40, 8A, 08, 80, F9...
 
[+]

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
30 KB (30,720 bytes)

The file silverlight.exe has been discovered within the following program.

Windows Internet Explorer 8  by Microsoft Corporation
Windows IE8 (Internet Explorer 8) is a web browser from Microsoft. IE8 contains many new features, including WebSlices and Accelerators (Accelerators are a form of selection-based search which allow a user to invoke an online service from any other page using only the mouse).
www.microsoft.com/ie
5% remove it
 
Powered by Should I Remove It?

The file silverlight.exe has been seen being distributed by the following 20 URLs.

http://forumkomputerswiat.digidip.net/visit?url=http://go.microsoft.com/fwlink/?LinkID=185927&ppref=https://.../

http://10.32.5.15/home/.../Silverlight.exe

https://download.microsoft.com/download/6/A/1/6A13C54D-3F35-4082-977A-27F30ECE0F34/10329.00/.../Silverlight.exe

http://clkuk.tradedoubler.com/click?p(81561)a(2130923)g(21774496)epi(08003s10v63j)url(http://go.microsoft.com/.../?LinkID=185927)

http://192.168.0.105/home/.../Silverlight.exe

http://silverlight.dlservice.microsoft.com/download/C/0/B/C0B404F0-F025-4156-95B0-164AD7CA07AA/.../Silverlight.exe

http://113.171.224.246/.../Silverlight.exe

http://192.168.72.133/home/.../Silverlight.exe

http://www.teachermy.com/.../Silverlight4.exe

http://go.microsoft.com/.../?LinkID=185927

http://192.168.4.224/home/.../Silverlight.exe

http://219.133.34.196:8086/Silverlight.exe

http://192.168.0.23/home/.../Silverlight.exe

https://g.live.com/.../silverlight

http://www.moneydj.com/download/.../Silverlight 4.1.10329.0.exe

http://go.microsoft.com/.../?LinkID=149156

http://www.microsoft.com/getsilverlight/.../getsilverlight.ashx

http://go.microsoft.com/.../?LinkID=229320

http://silverlight.dlservice.microsoft.com/download/5/A/C/5AC56802-B26B-4876-8872-7303C8F27072/20125.00/.../Silverlight.exe

http://silverlight.dlservice.microsoft.com/download/6/A/1/6A13C54D-3F35-4082-977A-27F30ECE0F34/10329.00/.../Silverlight.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.