home

gfwlivesetup.exe

This is a self-extracting archive and installer. The file has been seen being downloaded from download.gfwl.xboxlive.com.
MD5:
516a53770040209eb3a8449aa0984755

SHA-1:
72ec48ede81ba297aed7834e16bcd136ab7a5448

SHA-256:
77f543456580630e10e621cd8928014217f796f52c2ea9604d8666ca77c3ae9c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:23:21 AM UTC  (today)

File size:
627.6 KB (642,712 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\gfwlivesetup.exe

File PE Metadata
Compilation timestamp:
4/11/2011 3:12:40 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:kQH0cfWMSrveg+gp1y40+RCM/MRCD7cm+gg3L4qsbOtUV+AG:k1qSrp1y40cCM/0CD+XMIL

Entry address:
0xFC06

Entry point:
E8, B6, 21, 00, 00, E9, 74, FE, FF, FF, CC, CC, CC, CC, CC, FF, 35, E0, EC, 05, 01, E8, 62, 19, 00, 00, 59, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 2F, 0F, 00, 00, 6A, 01, 6A, 00, E8, 41, 23, 00, 00, 83, C4, 0C, E9, 1D, 22, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 5D, E9, E7, 24, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, 10, 2B, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 7A, 2A, 00, 00, 83, C4, 14, 8B, C6...
 
[+]

Code size:
367.5 KB (376,320 bytes)

The file gfwlivesetup.exe has been seen being distributed by the following URL.

http://download.gfwl.xboxlive.com/content/gfwl-public/redists/.../gfwlivesetup.exe

Scan gfwlivesetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.