» zunesetuppkg.exe
Overview
Analysis
File Details
Downloads (24)

zunesetuppkg.exe

Self-Extracting Cabinet

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

zunesetuppkg.exe

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft® Windows® Operating System

Description:

Self-Extracting Cabinet

Version:

4.7.1404.1

MD5:

1d71fa98d42f5fa235b64cff35afe27a

SHA-1:

d0b6aa004bcb5fb19950b2d9d1fd534eb3d28258

SHA-256:

085b4a2a1e27cd40b2bbda9b71741fd06b5dc84ce1f259ed5466e2d469b51112

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

11/27/2024 5:39:57 AM UTC (today)

File size:

119.6 MB (125,460,744 bytes)

Product version:

4.7.1404.1

Original file name:

SFXCAB.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\easeware\drivereasy\drivers\3w3xiwjy.1q4\zunesetuppkg.exe

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

7/20/2010 12:53:10 AM

Valid to:

10/20/2011 12:53:10 AM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

6108775F00000000004A

File PE Metadata

Compilation timestamp:

2/24/2005 8:44:38 PM

OS version:

5.2

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

3145728:a1R9VB2HzkUaWUwUBZmWYz6uN6pmFQfEgf6kJUA:WHVEHzPDUwwmWYz6s0NP

Entry address:

0x5972

Entry point:

E9, 26, FA, FF, FF, 8B, 44, 24, 04, EB, 17, 80, F9, 3B, 75, 0C, 84, C9, 74, 14, 40, 8A, 08, 80, F9, 0A, 75, F4, 80, 38, 20, 7F, 09, 40, 8A, 08, 84, C9, 75, E3, 33, C0, C2, 04, 00, 8B, 4C, 24, 04, EB, 05, 84, C0, 74, 11, 41, 8A, 01, 3C, 0A, 75, F5, 41, 51, E8, C0, FF, FF, FF, C2, 04, 00, 33, C0, EB, F9, 53, 8B, 5C, 24, 0C, 56, 8B, 74, 24, 0C, 57, C6, 03, 00, EB, 0C, 56, E8, CB, FF, FF, FF, 8B, F0, 85, F6, 74, 2D, 80, 3E, 5B, 75, EF, 8D, 46, 01, EB, 0A, 84, C9, 74, 1F, 80, F9, 20, 7E, 0A, 40, 8A, 08, 80, F9... 
[+]

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

30.5 KB (31,232 bytes)

The file zunesetuppkg.exe has been seen being distributed by the following 24 URLs.

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1482110606&Signature=AMMD4A5yrYQevsEtnkzZNDUro1PPDclmRNMqKjQZvCe74v3m5Nkp8o0scn3omkAT9FBk74nbDkR6FMStTRc5tEjXFYgQMRMitt8D~HRIG-KgW258giNnEZFQLw8M3nHPGPbGN7Um1vp1I~mMwpCJaec10uWIYZO2gF1Rm5FDuEI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1434221366&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=XhdKTg0-C-emqteYZmMxirq4wue~2yy4itYpiCFTesM6mncQQkUt946muLC5KQM2XxPagueCrnbG-3Bhud1g~WMtOs8OEtNJ~1HxmZ-8mrZR3YVgg~kY2PBFpeXrlz1Nw0sXOIxM9KhKydctQyaH1lshfWUd-w4vXkrE8KgJnTI_&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1478739777&Signature=fE4E6GySoehXw7qmBScz7oGip0PGdlFqWdEiBHryivVuMKJAU-EVhqpYozROvhSI4AWiVlKc3puowbLPOC9wyhje5DDx5OyHbwfYzIZQvcPD06EhU9fQ1Oxl3X-H087R-djTky3mLfKKMrPjG9sPFC9mEbydnhClITrwaFEIxJU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1430781130&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Vn~K1eZ8E2yrL3MKQDYCZPV2DOYji4KS~z1-t7QEjOkClRGeo1PHbR5M86CalTg1QqmucOQ55Bay5EO7rwwsi4UFdUrbJxEgM4hEJBgWFx7hJLLU33pETgaePpZZN-zHbBj3DHx6e3vJjE5YAeo2QqK8yCSBcsna7WT133CNLxU_&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1443134445&Signature=hHW7k0g8SYNOwwC2ymKA1xwbcutVheGMclt9P2t-EHNITa2HGzSUr3rGCnV~U6rJW4E1rbW4EFZ8unyn0qx2Ou1OLQwg0NbXlAMKF73hMXv4JFc75w04EHnkX~N22Noy4mZxPxZnZNcdjRuCLJm022UXGRmo-lBuaIMi1aX8Vwk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://www.centersharenew.com/5mbhJfVdjsrz6MULWxmgbar3te1pBI6yBGukkzHZEz G2lKHF nccg1wWiF6krgsmqTfr6l429QK 58gg2ThO83bkcMd53js Tydat56nSVGLyfymhwhMlrMRB2MyDCy4vUund98FlDHM MsKC1_O81wUFW3BaA hRfYElbj69 UU4TIkldwJkhn08dCLAy_7vW9N7BF-G1QAAGRwXmtrOpX xYMZAGzAgUtEgeaDwX1l28f2PNcl0Bd187yUY9HQCP_XXEH6iaq3so7TaCvhLdq8jn2Pf8_hon euw6oDIaXWF6RiUwA

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1436138481&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Z0DvgWOiuQT9R6JCBSAJZQLz2MQs4sohiav-MBJMsgBCrpCyndY1ltRBmnt6y7W-0yNmo9HPSksAF7bDmUFHGsPtTK65G0VmUM5KtYHsqwC2qvJK4XqwYbmLIm5C-wtlO8ih7xXhRzNsRjqCWAjzSUgIJiNzeUUA35JkcOEHfco_&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1454273677&Signature=BjVitI0K8rA69IbuaMZEf-XfZ2VsK~aISFERil02dOXpfFkcO5wZoLIZnOvDoyX-UJGWuzR6Jj-ZyOBDyTbGO~tbdKmSzm51JyYIE9Kg-uWDjJy2DHzHaXyR5ypeyo6KmHUwe5To0BMgoLGbCzVWAI0Ih4~xPp2j91oAc1ziqdI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1431835760&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=eRC-EGS4I4cYB6TQEVV-uq-dOgI1UH1XfsjgtWXw9RPb1zyslY-7jFPeXhi7JX3tbheDrE86oK3xXTfaKU6thalhDBHmhyzdvUyYIjPdZBRGKoaMksGSdiNpwBA5chKGRjLYbajriZmnzHa7ZPI9aUEXpvLFTw5Ehw2Ol1~WV-U_&filename=ZuneSetupPkg.exe

http://www.centersharenew.com/c?x=JfbRZ iQ5gqxwNlfJ80tvH81ePQTYS/UIck0EivAoNE=&c=Yp Fdl2FyW7vQaa6WRNNPIg2DXiOf/0Du6ZNyzYHAE/CYiSXh/OUUBGLoqrc2tfOK81sv520h1UfpfEoIuGEoElZwFlzscSP4MzC/6YCgojM0NUbCP5jjvKr6qtWKrPF6FTRf9nbuSw1OkdZhBYkPwq1WMODHJbYS7WKfinX2A=&e=0&fallback_url=https://secure.innodl.com/.../zune-software.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1466221047&Signature=MGylpIo2SfzL9ETJyPN6aCa7Bg1IdzvFoZasPdeMReIQfL6Kv7AfUNceMzzx5NedsC2nVCG-o6G3WcrZR4H4uTyAr0pSRsVy~mqiwkzf3cuh8kFvlioQDHKGpQOgolaa0qnnYedxouV~aoHJUodh8PgVXVd5ZnOXJI1Elw2tFXs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1440466043&Signature=Fz6r34P-GtL79uxb0lnJcy~eSPJ4O-7BDALhbTjN03AR8i88gFRLyfA~pG~FFFGn0fn6kO2oL9xClzD1PHZ-9Ps-vhoTB1iy~KBEZStQFDusJMWWqIrWi2haZQuUu~H6V5WrUJw5r2mLuojP6hfxE3sDcCKuUurtSh-brjwOUEU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1464399598&Signature=ZLNsYVMmvFgQpPsiaMozUWnFOkKKyUMLATpbsCc~2CYXeqIgadzMC1pEZyvjj5WSfmLCKZ0xL50GRwBouMuoYyI1y5yz-6ESMmbAI1WSS4BtPVM7JXcmfWzDV5qRLKwbsjypNnpvjzkVTDn61VgOKSmkoOTb4OBPkWL2hYrTRE4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1441438748&Signature=XlTBDkD0254BoHMrewwy1CU3SEiuKwk-gDkmuFNwqEvP~Qf3gWhliIWqKCg~~oy4nQatxAhxVdMtVw1pv4KWhN2QJkpdtAQCQ1Vypx3OGixZnQj3kbYF7W9hsYEovWErE6-jKfwmZcKzNOTUcGS9bKg603yBCpHv~rJYx4zD-Ok_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://downloads.archivospc.com/bajar/.../ZuneWindowsPhone7.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1461908151&Signature=DmPU7X9Qhz-hb5EowTekg7iNsmv9UJ6pONsoWOzr-PltGG69jZp1t0qEQhg0jDc8Gt2fdo5x2g39uCBW4ubQRGpOPZI1inbN0ZYSuTGVlPChP9aJJhzE2I8xzwKiJaZVH9M-Gbr2F8n7G2sqTlhjYTfuRz0p2N63l50G61B9RYA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1464041312&Signature=hq5DgFgbjgF1VgKYRUs-z7cnciSWqnQ-PwciEJ9oTKMgvAu0yXeWiMXtoiuBxogh3a8mD9G~rlxSdOtpdr~c6k3upjxpnmk1pJuupoy2A1eFOsnq5h1E6SCCBssutltHyXEDF5Ofd-qmSUyLpJmRS0Gqk08OEMRQa6PyiXKZXgY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1447614142&Signature=ZR6S94RVh0nx15zDoNhSTL1IyljKRDfCgbngEUu4KUWSeHzibqWfca96r4SVNnwAa0VAAQmIHIDPHjhvS6s3Z8MWY0kHpGIUsCdIQY-u3kSIWUs1ZAM-y27uAtiUAi0sEOsqXbEnTTp8fQKlN~9rLajUxtJwdCL-xa-EhmMr~hM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://www.funapplicationscenter.com/c?x=eevtacxNNJW6ckYnHNCUn8aS3lTo2cEBDOcfTXhICyM=&c=NZNIjksFxyU5fdOwR Ytv0ZYov7gxDOEK2O0s/Wyf6Dy nss EdNlLJrF7g/UAnli0q946VNj1/Q mzWVRmyg5oxw4qVlqfKZrQKIH0jENudppOJ4VpYeipzZMQi7XRwa/W/hiCRV6cn4cJZzLW1wQDtybTvQ3 hV46f0mcFuP6p3vYQgoNDUtFG8jIQl8Q/&e=0&fallback_url=https://secure.inndl.com/.../zune-software.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1439188289&Signature=A0WkFac1YDV0J5QVose~BfSZrYiwhJAPQ9OTeGz9KVmM~Awtef~923XajXDWI2s7uxh~ieo9aaesigZhAOFbz04GoGMABUAqtGt9Bq05QxDHC6GanffW8y7j1k2Uc6UFDmqUtyjgdX4qB78g1hmgyM8qVEJl0GBRIF2bChho8Bc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1453197263&Signature=imqnnqvmYzBTkqcyC2VEgXl3PXh407DrWMF9atNQVljIn5IWzLnDRdKTaTN5QqEUmPt2mT1H2bjdTBYpXPatGwEk4V2L1aQKau-XCHgXChB5u7Nf878fVUCgzgCOzLu3mu-FBj2k8abbYO0UfRRn399-60HwuU8zMgeA2d24GWE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1427083256&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=C275o~lK6yECbTec4mlSvHJ2LgejLKK2Olc7kOFCN3CbW99xgDsz8dQMo1R-gtVmbAABSUpMeTl7rLcQxpsDGcrs7I6PgaKWrVTEskpApbPz6FVuGADWUD~V5KhvdepYh3vVZNZncoGD1v1St6Ph~96B5smVc~o4cbv6lwcqlVU_&filename=ZuneSetupPkg.exe

http://gsf-cf.softonic.com/d0b/6aa/.../file?SD_used=0&channel=WEB&fdh=no&id_file=57150&instance=softonic_it&type=PROGRAM&Expires=1440092298&Signature=Afl-bT8zazPgK4O4sIazs6xEVWtpOuzn3eTyYE0NXUvNxVxhQwdHpkyZZsBwYUaYzv4A4lMaP5uYN0xL4GYF467VrM9dFH~rlIEH0ekSjedN4UH0kKGk~AaFkaX2Oz8W~niCP59XbKF89f2mW7aOVI-mHhVc79e8vZD4zNTeQwo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZuneSetupPkg.exe

http://download.microsoft.com/download/8/C/7/.../ZuneSetupPkg.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.