dotnetfx35_w8.1_x64.exe

Microsoft .NET Framework

Microsoft Corporation

This is a setup and installation application. The file has been seen being downloaded from download1431.mediafire.com and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Microsoft® .NET Framework

Description:
Microsoft .NET Framework 3.5 Setup

Version:
3.5.30729.7903

MD5:
740ca7314cedfb033947bc2deb457205

SHA-1:
db6df35a8db89d057084cf6093f9209d677c3b50

SHA-256:
5ace917e1f8e5f4688a07c620c9c5ed1cdf4526f4206924a69df5caa21a45e9f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
9/25/2017 1:44:35 AM UTC  (today)

File size:
61.7 MB (64,732,963 bytes)

Product version:
3.5.30729.7903

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
dotnetfx35.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\dotnetfx35_w8.1_x64.exe

File PE Metadata
Compilation timestamp:
12/30/2012 11:50:54 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1572864:I2hkrzWoKiub40EuA0NZUJBhOxDAtLWbp5h13VgRuAJ:2racuBoh2DSabp5h1m

Entry address:
0x1B160

Entry point:
48, 83, EC, 28, E8, F3, 01, 00, 00, 48, 83, C4, 28, E9, EA, FC, FF, FF, FF, 25, D0, 14, 00, 00, FF, 25, D2, 14, 00, 00, FF, 25, D4, 14, 00, 00, FF, 25, D6, 14, 00, 00, CC, CC, 48, 83, EC, 28, 48, 8B, 01, 81, 38, 63, 73, 6D, E0, 75, 2C, 83, 78, 18, 04, 75, 26, 8B, 40, 20, 3D, 20, 05, 93, 19, 74, 15, 3D, 21, 05, 93, 19, 74, 0E, 3D, 22, 05, 93, 19, 74, 07, 3D, 00, 40, 99, 01, 75, 07, FF, 15, 1A, 15, 00, 00, CC, 33, C0, 48, 83, C4, 28, C3, CC, CC, 48, 83, EC, 28, 48, 8D, 0D, B1, FF, FF, FF, FF, 15, C7, 0E, 00...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
106 KB (108,544 bytes)

The file dotnetfx35_w8.1_x64.exe has been seen being distributed by the following 21 URLs.

http://download1431.mediafire.com/wcu8xts7h7tg/.../dotNetFx35_W8.1_x64.exe

http://download2068.mediafire.com/4j679dfp82fg/.../dotNetFx35_W8.1_x64.exe

http://download1928.mediafire.com/2p7ln98paoog/.../dotNetFx35_W8.1_x64.exe

https://docs.google.com/uc?export=download&confirm=No5H&id=0Bwwg0F6cm8WWOVFIRkpiTVNHMUE

https://drive.google.com/uc?export=download&confirm=CXs-&id=0B08iPJrWQRzocmQxYkllUHdQUms

https://docs.google.com/uc?export=download&confirm=62sW&id=0B6z0U8wsaEqddFdibzBER3A4VEU

http://www.ezsoft.vn/upload/.../dotNetFx35_W8.1_x64.exe

http://download1619.mediafire.com/st1213jjrzyg/.../dotNetFx35_W8.1_x64.exe

ftp://ftp.eng.um.ac.ir/public1/Service/Microsoft.NET.Framework.3.5.Windows.8.1 & Windows.10/.../Microsoft..NET.Framework.3.5.Windows.8.1.x64_Soft98.iR.exe

https://docs.google.com/uc?export=download&confirm=d3AB&id=0Bwwg0F6cm8WWOVFIRkpiTVNHMUE

https://docs.google.com/uc?export=download&confirm=cUdr&id=0Bwwg0F6cm8WWOVFIRkpiTVNHMUE

temp:dotNetFx35_W8.1_x64.exe

Scan dotnetfx35_w8.1_x64.exe - Powered by Reason Core Security