home

dotNetFx40_Full_setup.exe

Microsoft .NET Framework 4

Microsoft Corporation

This is a self-extracting archive and installer. The file has been seen being downloaded from go.vitzo.com.
Publisher:
Microsoft Corporation

Product:
Microsoft .NET Framework 4

Description:
Microsoft .NET Framework 4 Setup

Version:
4.0.30319.01

MD5:
bbb0477d87d9462d9fe5735f547a6d45

SHA-1:
53d8dafedcbe32c8debe0a5518f2b51a153292ca

SHA-256:
7404262fd11e24229ec017955e6a82a4c0d7575cd0ddd8c8495daabc0785dfde

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 7:30:49 AM UTC  (today)

File size:
932.6 KB (954,952 bytes)

Product version:
4.0.30319.01

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
dotNetFx40_Full_setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\dotnetfx40_full_setup.exe

File PE Metadata
Compilation timestamp:
10/9/2009 10:27:34 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:VtJ4x8xAxkqgI3dUcyezFSjaBHFaNlsqK5/oh6iZf1LUXw/vxNI:h4x8xqkqp3Gexm8FCspg0iZf1LUXD

Entry address:
0x191C6

Entry point:
34, 96, 68, 07, 91, 08, 00, FF, C0, FF, CB, 81, FE, FB, 44, 00, 00, 72, 07, 80, EF, B4, 0F, C9, FE, CB, 1D, A7, 0F, 1D, 0A, 0C, F7, 8A, C6, 0D, 69, C4, D3, 29, BA, C6, FD, FF, FF, F7, C5, 96, 9C, 62, A6, 81, C2, 3A, 02, 00, 00, C7, C5, EF, 3D, 0B, 87, 0B, D0, 89, ED, C6, C5, 42, 68, 65, 3E, 7B, 00, 68, 95, 94, D1, 00, E8, 6E, 00, 00, 00, 3C, B3, 0F, CF, 85, D8, 2C, BA, BF, C7, 0A, 00, 00, 21, E8, 81, F7, C5, 0A, 00, 00, 69, FF, 89, 29, 00, 00, 8A, F4, 33, F7, 8A, F2, 89, D3, 88, FC, 68, D8, 8B, 03, 00, 8B...
 
[+]

Entropy:
7.8702  (probably packed)

Code size:
161.5 KB (165,376 bytes)

The file dotNetFx40_Full_setup.exe has been seen being distributed by the following URL.

http://go.vitzo.com/dotnet-4-installer

Scan dotNetFx40_Full_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.