zunesetuppkg.exe

Self-Extracting Cabinet

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
Self-Extracting Cabinet

Version:
4.7.1404.1

MD5:
1d71fa98d42f5fa235b64cff35afe27a

SHA-1:
d0b6aa004bcb5fb19950b2d9d1fd534eb3d28258

SHA-256:
085b4a2a1e27cd40b2bbda9b71741fd06b5dc84ce1f259ed5466e2d469b51112

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/28/2024 8:14:30 PM UTC  (today)

File size:
119.6 MB (125,460,744 bytes)

Product version:
4.7.1404.1

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
SFXCAB.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\easeware\drivereasy\drivers\3w3xiwjy.1q4\zunesetuppkg.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
7/20/2010 12:53:10 AM

Valid to:
10/20/2011 12:53:10 AM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6108775F00000000004A

File PE Metadata
Compilation timestamp:
2/24/2005 8:44:38 PM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
3145728:a1R9VB2HzkUaWUwUBZmWYz6uN6pmFQfEgf6kJUA:WHVEHzPDUwwmWYz6s0NP

Entry address:
0x5972

Entry point:
E9, 26, FA, FF, FF, 8B, 44, 24, 04, EB, 17, 80, F9, 3B, 75, 0C, 84, C9, 74, 14, 40, 8A, 08, 80, F9, 0A, 75, F4, 80, 38, 20, 7F, 09, 40, 8A, 08, 84, C9, 75, E3, 33, C0, C2, 04, 00, 8B, 4C, 24, 04, EB, 05, 84, C0, 74, 11, 41, 8A, 01, 3C, 0A, 75, F5, 41, 51, E8, C0, FF, FF, FF, C2, 04, 00, 33, C0, EB, F9, 53, 8B, 5C, 24, 0C, 56, 8B, 74, 24, 0C, 57, C6, 03, 00, EB, 0C, 56, E8, CB, FF, FF, FF, 8B, F0, 85, F6, 74, 2D, 80, 3E, 5B, 75, EF, 8D, 46, 01, EB, 0A, 84, C9, 74, 1F, 80, F9, 20, 7E, 0A, 40, 8A, 08, 80, F9...
 
[+]

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
30.5 KB (31,232 bytes)

The file zunesetuppkg.exe has been seen being distributed by the following 24 URLs.

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1482110606&Signature=AMMD4A5yrYQevsEtnkzZNDUro1PPDclmRNMqKjQZvCe74v3m5Nkp8o0scn3omkAT9FBk74nbDkR6FMStTRc5tEjXFYgQMRMitt8D~HRIG-KgW258giNnEZFQLw8M3nHPGPbGN7Um1vp1I~mMwpCJaec10uWIYZO2gF1Rm5FDuEI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1434221366&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=XhdKTg0-C-emqteYZmMxirq4wue~2yy4itYpiCFTesM6mncQQkUt946muLC5KQM2XxPagueCrnbG-3Bhud1g~WMtOs8OEtNJ~1HxmZ-8mrZR3YVgg~kY2PBFpeXrlz1Nw0sXOIxM9KhKydctQyaH1lshfWUd-w4vXkrE8KgJnTI_&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1478739777&Signature=fE4E6GySoehXw7qmBScz7oGip0PGdlFqWdEiBHryivVuMKJAU-EVhqpYozROvhSI4AWiVlKc3puowbLPOC9wyhje5DDx5OyHbwfYzIZQvcPD06EhU9fQ1Oxl3X-H087R-djTky3mLfKKMrPjG9sPFC9mEbydnhClITrwaFEIxJU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1430781130&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Vn~K1eZ8E2yrL3MKQDYCZPV2DOYji4KS~z1-t7QEjOkClRGeo1PHbR5M86CalTg1QqmucOQ55Bay5EO7rwwsi4UFdUrbJxEgM4hEJBgWFx7hJLLU33pETgaePpZZN-zHbBj3DHx6e3vJjE5YAeo2QqK8yCSBcsna7WT133CNLxU_&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1443134445&Signature=hHW7k0g8SYNOwwC2ymKA1xwbcutVheGMclt9P2t-EHNITa2HGzSUr3rGCnV~U6rJW4E1rbW4EFZ8unyn0qx2Ou1OLQwg0NbXlAMKF73hMXv4JFc75w04EHnkX~N22Noy4mZxPxZnZNcdjRuCLJm022UXGRmo-lBuaIMi1aX8Vwk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://www.centersharenew.com/5mbhJfVdjsrz6MULWxmgbar3te1pBI6yBGukkzHZEz G2lKHF nccg1wWiF6krgsmqTfr6l429QK 58gg2ThO83bkcMd53js Tydat56nSVGLyfymhwhMlrMRB2MyDCy4vUund98FlDHM MsKC1_O81wUFW3BaA hRfYElbj69 UU4TIkldwJkhn08dCLAy_7vW9N7BF-G1QAAGRwXmtrOpX xYMZAGzAgUtEgeaDwX1l28f2PNcl0Bd187yUY9HQCP_XXEH6iaq3so7TaCvhLdq8jn2Pf8_hon euw6oDIaXWF6RiUwA

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1436138481&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Z0DvgWOiuQT9R6JCBSAJZQLz2MQs4sohiav-MBJMsgBCrpCyndY1ltRBmnt6y7W-0yNmo9HPSksAF7bDmUFHGsPtTK65G0VmUM5KtYHsqwC2qvJK4XqwYbmLIm5C-wtlO8ih7xXhRzNsRjqCWAjzSUgIJiNzeUUA35JkcOEHfco_&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1454273677&Signature=BjVitI0K8rA69IbuaMZEf-XfZ2VsK~aISFERil02dOXpfFkcO5wZoLIZnOvDoyX-UJGWuzR6Jj-ZyOBDyTbGO~tbdKmSzm51JyYIE9Kg-uWDjJy2DHzHaXyR5ypeyo6KmHUwe5To0BMgoLGbCzVWAI0Ih4~xPp2j91oAc1ziqdI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1431835760&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=eRC-EGS4I4cYB6TQEVV-uq-dOgI1UH1XfsjgtWXw9RPb1zyslY-7jFPeXhi7JX3tbheDrE86oK3xXTfaKU6thalhDBHmhyzdvUyYIjPdZBRGKoaMksGSdiNpwBA5chKGRjLYbajriZmnzHa7ZPI9aUEXpvLFTw5Ehw2Ol1~WV-U_&filename=ZuneSetupPkg.exe

http://www.centersharenew.com/c?x=JfbRZ iQ5gqxwNlfJ80tvH81ePQTYS/UIck0EivAoNE=&c=Yp Fdl2FyW7vQaa6WRNNPIg2DXiOf/0Du6ZNyzYHAE/CYiSXh/OUUBGLoqrc2tfOK81sv520h1UfpfEoIuGEoElZwFlzscSP4MzC/6YCgojM0NUbCP5jjvKr6qtWKrPF6FTRf9nbuSw1OkdZhBYkPwq1WMODHJbYS7WKfinX2A=&e=0&fallback_url=https://secure.innodl.com/.../zune-software.exe