» bonjoursdksetup204.exe
Overview
Analysis
File Details
Downloads (2)

bonjoursdksetup204.exe

BonjourSDK

Apple Inc.

This is a setup and installation application. The file has been seen being downloaded from adcdownload.apple.com and multiple other hosts.

File name:

bonjoursdksetup204.exe

Publisher:

Apple Inc. (signed and verified)

Product:

BonjourSDK

Description:

Bonjour SDK Installer

Version:

2.0.4.0

MD5:

820ee5f78ef39c26d3b44b0afe87f923

SHA-1:

6191aaa3f9bd81eecfdf8aa7e381d9bcaaae50bb

SHA-256:

0618a4005e04f61a627b2f39fcc053e8f0733b784fae0394f4ca0df5d4784cc8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/19/2024 11:53:56 AM UTC (today)

File size:

4.6 MB (4,798,256 bytes)

Product version:

2.0.4.0

Original file name:

BonjourSDKSetup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\iwritingpad\bonjoursdksetup204.exe

Digital Signature

Signed by:

Apple Inc.

Authority:

VeriSign, Inc.

Valid from:

5/18/2009 1:00:00 AM

Valid to:

6/27/2011 12:59:59 AM

Subject:

CN=Apple Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Apple Inc., L=Cupertino, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1FBEDB2A9B36C86F3CC85A249BFBD2EC

File PE Metadata

Compilation timestamp:

10/29/2010 2:41:08 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

98304:rqAk0eVCi5o/N0h9cd7c/Fclz6CkJsoTxWP6wW:rAV95oV0h9qc/FclO3jTxC6x

Entry address:

0xB873

Entry point:

E8, F3, 55, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, D4, 8A, 41, 00, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, D0, 6B, 41, 00, 33, C5, 89, 45, FC, 83, A5, D8, FC, FF, FF, 00, 53, 6A, 4C, 8D, 85, DC, FC, FF, FF, 6A, 00, 50, E8, E7, D1, FF, FF, 8D, 85, D8, FC, FF, FF, 89, 85, 28, FD, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, 2C, FD, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89... 
[+]

Entropy:

7.9922 (probably packed)

Code size:

71 KB (72,704 bytes)

The file bonjoursdksetup204.exe has been seen being distributed by the following 2 URLs.

http://adcdownload.apple.com/Developer_Tools/.../bonjoursdksetup.exe

https://developer.apple.com/downloads/download.action?path=Developer_Tools/.../bonjoursdksetup.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.