home

windows6.0-kb936330-x86-wave1.exe

Self Extracting Stub

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from www.techtudo.com.br and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
Self Extracting Stub

Version:
6.0.6001.17028 (lh_core2_spinstall(ghilios).070607-1802)

MD5:
fcb3bb346d1c97a59af92d66dcad24b9

SHA-1:
b8a3fa8f819269e37d8acde799e7a9aea3dd4529

SHA-256:
f2c460675e4a64665a685968a1e8123ce5cce4f1a419d13f9a819554305731ee

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/5/2024 11:31:10 AM UTC  (today)

File size:
544.3 MB (570,743,456 bytes)

Product version:
6.0.6001.17028

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
SfxStub.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
6/22/2007 4:56:18 PM

Valid to:
9/22/2008 5:06:18 PM

Subject:
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6106BFFE000000000014

File PE Metadata
Compilation timestamp:
10/21/2007 9:54:09 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12582912:ArnyfElWuvSVWPht3TE0w81fHq9Sn0MN+75zftkXrTuM88:ADEuq055Vw81fKI0M4mB88

Entry address:
0x5A18

Entry point:
E8, 82, 06, 00, 00, E9, BA, FD, FF, FF, CC, CC, CC, CC, CC, CC, FF, 25, 18, 11, 00, 01, CC, CC, CC, CC, CC, CC, FF, 25, 14, 11, 00, 01, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 10, 11, 00, 01, CC, CC, CC, CC, CC, CC, FF, 25, 0C, 11, 00, 01, CC, CC, CC, CC, CC, 3B, 0D, 10, 80, 00, 01, 75, 02, F3, C3, E9, BD, 06, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, 53, 56, 57, 8B, 54, 24, 10, 8B, 44, 24, 14, 8B, 4C, 24, 18, 55, 52, 50, 51, 51, 68, 04, 5B, 00, 01, 64, FF, 35, 00, 00, 00, 00, A1, 10, 80, 00...
 
[+]

Entropy:
7.9994  (probably packed)

Code size:
24.5 KB (25,088 bytes)

The file windows6.0-kb936330-x86-wave1.exe has been seen being distributed by the following 11 URLs.

http://www.techtudo.com.br/_/software/.../download

http://gsf-cf.softonic.com/b8a/3fa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=67464&instance=softonic_it&type=PROGRAM&Expires=1476547195&Signature=X~9O7-dEhMIIoqP7oCI8BL3wPknuh1Bd7VHLuWrKLwee7bs5jbe3wInb4n8bYwrbahJRnhHkI9sSrwawKAyqawjW7nZB8EV6ETNYfYsLh6ABwn83Hm6CD0hp~RiMY~WrbjP1mo3GUT1AD0BDuWtUgCowOo7SQ~sEr5fUxBdnQSE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Windows6.0-KB936330-X86-wave1.exe

http://gsf-cf.softonic.com/b8a/3fa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=67464&instance=softonic_it&type=PROGRAM&Expires=1478557160&Signature=VDCyBSV15wLBuR-tGs~Yitye~1PwxpyuQMOIXm0zcg7S6I-yZlwdMLmuEFcIhjt-nAxgxklui--vrbT8AJg1-cYhBX2cUxork-FKPx-QFOw5B21TwewAvl~9wBRwnkHmm5Zm4kL-n8YgI-mUysHPDo1P4UPlBjGZNNDq2jzTjlQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Windows6.0-KB936330-X86-wave1.exe

http://gsf-cf.softonic.com/b8a/3fa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=67464&instance=softonic_br&type=PROGRAM&Expires=1473692807&Signature=PG-g~8cZNFbzDbs3JDh4pu28jrSkoQqUw1wk~UoAwW~T-UftQkICRheFQ8-4hMFT73hLUcqlfJjLSkxjIXQJeFyWwF58h-wH7cdphtY~7bVoNFcV1DGUxGeaEyTKmAyiUWEG75X-O0dQj~RZ3ydabykf7fCJP9wmqIVNrtqOZEc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Windows6.0-KB936330-X86-wave1.exe

http://gsf-cf.softonic.com/b8a/3fa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=67464&instance=softonic_it&type=PROGRAM&Expires=1471212287&Signature=HN8KFzrUZu0r7a8oeY5b6vAfm~BoPzzJgVs8NoBRf7UZQMEkwysvYTVHuHEDITIwIeusMhqTh81ezFfgVoX~ULbdoyYO4up3LyTB7irBJLDAlqjiWQZ5OCgmuUHS6aXmgFJl4m9KKA535mouqbm~e4Hom-S1mQVOsH2RPDeDCsE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Windows6.0-KB936330-X86-wave1.exe

http://windows-vista-service-pack-1.it.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOEBC9tj/6CuCr/gR8Bps11bkccZ/.../mPraTtzPZjtjGKfR3zAU4kRtz538GeLpLotZLtAVbzaoy1XvPLRT

http://windows-vista-service-pack.softonic.pl/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOTEhGed7UTo4JyTuWa/SgUveeqm2jLtBrtmF7e4NIxw97XGKckthO7JJyG52oO15WY3G1D5rdD3RsWXaIiddfRLRaCLXS4yOyuWggHXKkWN6EJqY5nhT4ds8biXKg3R8yLomTG1Mzjd4Wq7shJneJ6SKQ0nbaFWCEyOtE6qqREFNYvYkBSswYPl8 sMmiwTb7WyDDPl7fZ7INqZATyuQCFqmw9Y4NkWdZn/.../StmSyRoRzGy MWHgmxsAEBMI8fmBGhKAXePkVNYR8wg5DuVp9dCxTNtYXcKLOhzGQStnBAuj3RtIVm61NpfiT0MXwaCm0sehbQYgdRckTAGo4Orv9V hyzMvuisyLgVFM3tcTonGFC5wvZfZxqKj H53lwuPx4Al 3ytFyrak6iydBQfu6YrQ==

http://download-centrumxp.pl/1889,2,uaktualnienia,Service-Pack-1-dla-Windows-Vista-PL.aspx

http://windows-vista-service-pack-1.softonic.it/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOEBC9tj/6CuCr/gR8Bps11bkccZ/.../mPraTtzPZjtjGKfR3zAU4kRtz538GeLpLotZLtAVbzaoy1XvPLRT

https://download.microsoft.com/download/2/1/9/.../Windows6.0-KB936330-X86-wave1.exe

http://download.microsoft.com/download/2/1/9/.../Windows6.0-KB936330-X86-wave1.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.