dotnetfx3setup.exe

Microsoft .NET Framework 3.0

Microsoft Corporation

This is a self-extracting archive and installer. This is installed with multiple programs including Windows Media Player Firefox Plugin and Microsoft Games for Windows - LIVE. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft .NET Framework 3.0

Description:
SFX Setup

Version:
3.0.04506.30

MD5:
643a12d8558edf58ddbdb1da2428f284

SHA-1:
a566bcd2ffffc3842a95adc57f7df3f8cd11577f

SHA-256:
2517804072f831e422ba023ffa2026cccea01c2feca265a8b68e1909c554fee0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/14/2018 2:12:00 PM UTC  (today)

File size:
2.8 MB (2,945,816 bytes)

Product version:
3.0.04506.30

Copyright:
Copyright (c) Microsoft Corporation. All rights reserved.

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\dotnet_30\dotnetfx3setup.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
4/5/2006 2:43:46 AM

Valid to:
10/5/2007 2:53:46 AM

Subject:
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
61469ECB000400000065

File PE Metadata
Compilation timestamp:
6/28/2005 11:55:01 PM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
49152:hSK4pLsCTBR1+Zjy1TlzwK+eQ3wv6/TjFYSj6CrE8k8mq5ZTdVgYW3NX7pr:hS88mZm5KJe2wv6/TjmSH9SOkPNpr

Entry address:
0x5A45

Entry point:
E9, 13, FA, FF, FF, 8B, 44, 24, 04, EB, 17, 80, F9, 3B, 75, 0C, 84, C9, 74, 14, 40, 8A, 08, 80, F9, 0A, 75, F4, 80, 38, 20, 7F, 09, 40, 8A, 08, 84, C9, 75, E3, 33, C0, C2, 04, 00, 8B, 4C, 24, 04, EB, 05, 84, C0, 74, 11, 41, 8A, 01, 3C, 0A, 75, F5, 41, 51, E8, C0, FF, FF, FF, C2, 04, 00, 33, C0, EB, F9, 53, 8B, 5C, 24, 0C, 56, 8B, 74, 24, 0C, 57, C6, 03, 00, EB, 0C, 56, E8, CB, FF, FF, FF, 8B, F0, 85, F6, 74, 2D, 80, 3E, 5B, 75, EF, 8D, 46, 01, EB, 0A, 84, C9, 74, 1F, 80, F9, 20, 7E, 0A, 40, 8A, 08, 80, F9...
 
[+]

Entropy:
7.9963

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
30.5 KB (31,232 bytes)

The file dotnetfx3setup.exe has been discovered within the following programs.

Microsoft Games for Windows - LIVE  by Microsoft Corporation
Games for Windows – Live is an online gaming service for Games for Windows-branded PC titles. It enables Windows PCs to connect to the Live service, which will eventually include other devices including Windows Phone.
9% remove it
Windows Media Player Firefox Plugin  by Microsoft Corporation
To play Windows Media in Firefox, you need the Windows Media Player browser plugin installed. Even if you already have Windows Media Player installed, you may still be missing the plugin required to play back Windows Media audio and video embedded in Web Pages.
support.mozilla.org/en-US/kb/play-windows-media-files-in-firefox
3% remove it
 
Powered by Should I Remove It?

The file dotnetfx3setup.exe has been seen being distributed by the following 43 URLs.

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1444325902&Signature=Y6-P7r-zUplJrbVdZDkCXnxLX1gYx9bdopW-hH-1woq7roH-Y5yC9hyXdMvVmE4JthdxvbYRGMMB9DuHY2hCbjU0Qu~7ltt61~uxzpDfzbkzwx8jfGxVFIrFmct0BDZvwOAd0KE5-juXmeOhis1hLGDnfPg9JB83bVE-V6cU6VY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1487192846&Signature=CApTviKTRS~KwuSeXR5unjXN1ylaqlIuzdVpZ8qCqBukdGQe9fQdhz-knQ-fDBBDgN7KN3sCzoYU748iGb~kTH1p9Uvfa2YzIrGGV73HNqRbH1M5Lygn~iTUEe0pH5mZQEX8YxzwPRRLjuxcwt-6AsY2HY-lGJkFuEdVebE6Fdo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1474651277&Signature=ITcL2o4LQh3jl7COsGr5TGmu-7I6mW~7iTmaQUFZddBWdBsJUavZ7H3~P~dpsMG0d-XMPJDfQe2fdsJpQ-sglVaaVi6zcmD9U1afFUBbNVwvmB6zIdEcRNLiNlCISgDsXFZ3yXIMnOssbLFzpkrzhc14BlZVPMSFjh-oUOIKSWE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1483930894&Signature=HZn4ekRjTVecsHCpp0sEx~c3KjM~U6rTKOR3Kk5NaKeUc8iVYYfbbksKWNwEW63D-aKG0Hq8JWMFldKKvKyT2l8g0GUtwl5NoK4vqNZuVwTe3867NcRj5m1gRwyUCareXe3IGti1nrqT8E6LYpT58sJAuTjUTK75vz5Djp53XtY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1440475104&Signature=cMkxaH2aTRf9Zq97-rcoFlEBoKfyBMUBXKEYQCZXMjxipEh0bUP4Fi5fSlhdzNH6mYF6nxE-4x2rXmzW4bHsHR6XRhXyJed86suYWhs4v9KNKCuW21AfO2m1doSs8~amNQKwyiWwgn9yeaWfsZMJjFIn5RFvvTd5e1APSDepvFI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://www.crealogix.com/fileadmin/customer/Driver_Downloads/Lesestifte/.../dotnetfx3setup.exe

ftp://126.11.11.111/?§?†?¬?„???²??/?‚?ˆ?§?…???³/?§?„?‚?§?…?ˆ?³ ?§?„?´?§?…?„ ?§?„?…???®?µ?µ/.../dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1478193534&Signature=PK9fpOqQ5FEhHesLRvXFYQQ-IeaWl6~Y1wWN3HwNHs2pAC0t6VCe2W3JHrQ8Uxp~q7aRR2u67BOP7aFEdOPnl7RfUUiQpwAr53Jxd1wOgGt76t0fJedVVD8r9vGJu9Ob~85iTSDpkt-Im5UhUAGS5-Mfh0p-Z~UArdhv6F4P~Dc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1476949690&Signature=OrT3n0hFgGkbac~XCznROvQU1nzAfyWr6s0fXLJ9PRLgmd5ofrENiZtjAh9iRPjsJLGUsbrUnG85EqzgkqmYtVVZylNAZhGjn~PFpBcPt62bm-ADvd44bQPifk5N-vfbv4uoP8Z3WAFLZCMMRoC~uZw~bwkoDqX4zq-kIq0iwPw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1465091346&Signature=gaFfBle0tUH6HO-LVd1PFGD28VkATWphtf~1LHzqQ-Uk2a4SZoSruKcfAb3nTL2XPzfzMk57JDa6OR5T1nUzOsz~0t2DU-eASUzBKlfqLBSkYPOHG7WKTZbpN8qxU-Ljx44R0CD1d4dB2BOZmGJmRw1t3yM4BHooeqvizgtlH9Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1477901436&Signature=g8XPuQ6Zy5ArRb~v0JUfyYzrImwFZ~HrBo89x9rY8WmM~cAPkWar-DHP5KvV4IjkvwWQFbi228Xrcy2BqUVsgdd9L9F5RPDP7Myl6DptQQQvY1BE7yTyRV97yg~kVLm3dFDY~lBFweChwyZTJcDSSIOb4ymbDIDyMEqgYOb8XME_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1478126133&Signature=L183T1wywbsjtGHGWphXTn-ybdXtXLQknkBFRQgbgFsbmW6BZTdcPTmeP0Q~t2WoAJSpO3WVRB-y9~H7LBTKQPVDNagtjWInRedUySJAcfrNLeCfyL8B6PiECPjsOxAfXYZJe4QVDMXwzPuYb~2a3dj5elHJ7hbgO3UlW~Iag-8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1478248414&Signature=J~v52h0RGUanel84e-FOKTLKkLv--IPk71uu2jwp9nWOXg-FJ4ALlZ3PIiHGgSqtWuxukktB33Vhezie0mD9pnUABOTiKJMTAuTIAebGr0G4QLBie18QLcymXpp2RSmLc7ois3hwxkGjlv2Y5WeKIiBHLsbnCkXvmkMnSA0Dbuc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://gsf-cf.softonic.com/a56/6bc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=56981&instance=softonic_en&type=PROGRAM&Expires=1453263338&Signature=S1hxlTcO9~IyK4tvSdSNuUjEaEZBwTF8zBlIF~vR-U29USIKyMs8LEE5kFhEnN~d7RxsIknSzcMOLlkShqUyDbjQGn-RI2N7AXpojEteodpCTrdTD-UjHJo5U-VJAa6mqZ1vtvGjhQPeqWIsUkAXYWCmpmJsuP1WX0WfNX4t0NA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dotnetfx3setup.exe

http://global-shared-files-l3.softonic.com/a56/6bc/.../file?nvb=20141123115052&nva=20141123235152&token=0190ad4df7818ec5872f3&instance=softonic_pl&filename=dotnetfx3setup.exe

Latest 30 of 43 download URLs