» gfwlivesetup35.exe
Overview
Analysis
File Details
Downloads (85)

gfwlivesetup35.exe

Microsoft Games for Windows - LIVE

Microsoft Corporation

This is a self-extracting archive and installer. The file has been seen being downloaded from filehippo.com and multiple other hosts.

File name:

gfwlivesetup35.exe

Publisher:

Microsoft® Corporation (signed by Microsoft Corporation)

Product:

Microsoft® Games for Windows® - LIVE

Description:

Games for Windows® - LIVE Setup

Version:

3.5.0056.0

MD5:

fa5c710c461cd9509f1f15dc77ffffea

SHA-1:

dcac0e121b2ddf97e0720b470257cd7bf38ac120

SHA-256:

c9dc8da0a972fc885c965454bf1d69a44b269ca7cf295ccadcf888bfbdece5f5

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/24/2024 12:42:41 PM UTC (today)

File size:

70.4 MB (73,850,656 bytes)

Product version:

3.5.0056.0

Copyright:

© Microsoft Corporation. All rights reserved.

Original file name:

SFXCAB.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\support\gfwlivesetup35.exe

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

7/20/2010 12:53:10 AM

Valid to:

10/20/2011 12:53:10 AM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

6108775F00000000004A

File PE Metadata

Compilation timestamp:

2/24/2005 8:44:38 PM

OS version:

5.2

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

1572864:tQwxaAehT6hx4/KB4/hy2eSYYzXwo4tY78lZjtybK5MXGQ:eAehT+JB45yfSYYzYeGQ

Entry address:

0x5972

Entry point:

E9, 26, FA, FF, FF, 8B, 44, 24, 04, EB, 17, 80, F9, 3B, 75, 0C, 84, C9, 74, 14, 40, 8A, 08, 80, F9, 0A, 75, F4, 80, 38, 20, 7F, 09, 40, 8A, 08, 84, C9, 75, E3, 33, C0, C2, 04, 00, 8B, 4C, 24, 04, EB, 05, 84, C0, 74, 11, 41, 8A, 01, 3C, 0A, 75, F5, 41, 51, E8, C0, FF, FF, FF, C2, 04, 00, 33, C0, EB, F9, 53, 8B, 5C, 24, 0C, 56, 8B, 74, 24, 0C, 57, C6, 03, 00, EB, 0C, 56, E8, CB, FF, FF, FF, 8B, F0, 85, F6, 74, 2D, 80, 3E, 5B, 75, EF, 8D, 46, 01, EB, 0A, 84, C9, 74, 1F, 80, F9, 20, 7E, 0A, 40, 8A, 08, 80, F9... 
[+]

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

30.5 KB (31,232 bytes)

The file gfwlivesetup35.exe has been seen being distributed by the following 50 URLs.

http://filehippo.com/download/file/.../

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ4MDk0NzE5ODtzOjI6ImlkIjtpOjE3ODM5O3M6NDoiZmlsZSI7czo1NToibWljcm9zb2Z0LWdhbWVzLWZvci13aW5kb3dzLTMtNS0wMDUwLTAtZ2Z3bGl2ZXNldHVwLmV4ZSI7czozOiJ1cmwiO3M6NzI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9taWNyb3NvZnQtZ2FtZXMtZm9yLXdpbmRvd3MtMy01LTAwNTAtMCI7czo0OiJwYXNzIjtzOjMyOiJmNmQ2NGFjODQzNmQyNzNiMTVjOWNmOGVkYmExZTc2MSI7fQ==

https://doc-0o-9s-docs.googleusercontent.com/docs/securesc/nkc6pke2sc7nl3lv27l0e1kotlj70ndi/vqgssitg8h71od7sacab2psmrdksfahl/1483221600000/12975425995634166286/.../0BwSAXkvYIeG-MGI5TmpwTUQ3M00?e=download

https://mega.nz/temporary/.../aVsAxZRI

https://downloader.disk.yandex.ua/disk/c308956bd0a40757c33cef0361729ccb1a9e1b6525ab73e531707ea444044cc3/56ba5d08/j9kZAGMMW5KIL6EvTv-gGwm0CshA706Ws_3Zvji7QB-ssEJD-tYTagoYkORf_g3U5bl82ngIsTdeVHQUu-g1xg==?uid=0&filename=gfwlivesetup.exe&disposition=attachment&hash=uuj9hYurhhX4ULSq7/g30V1BrzN kJPhcwmtiapP/.../x-msdownload&fsize=73850656&hid=b6e6d37671ab19a57c6bd86e14fa2e1b&media_type=executable&tknv=v2

https://cloclo19.cldmail.ru/2uxQo6NKcPeFtqDs74zR/G/.../6ihBvwCFw?key=8e568195017cc8424f431a9a986be2d16593b4c6

http://filehippo.com/download/file/.../

http://adf.ly/Y=T=VQoZd4HVRmwLOwiV8HvdZlGN9X3Zb2mlxGvbY3WZQ2uZbvWkljjRcwmI9zzQbB2NZk0RLBmFNUvQb0S09SkOby3cdDuObtGQ9ThRZ5CQ9TELL2zUAkvQR5i09CERMCEFYj5R

http://cdn.komputerswiatportal.com/?ic_user_id=963

http://filehippo.com/download/file/.../

https://go.microsoft.com/.../?LinkID=201134

http://www.ranchsendgift.com/VWwSTa6nol0XgSNqFgZjFBdxSN5F 7xfE9cV0MIUjG1rXrwcGImaH2xSD2wrB1FmibwPQwFhdIhOJRS7_QZZ9fiAbNDtkkzYWFyeIiZhix AJBBmsgS2ekD9RFRJNOX3bQCfXK9EuKYqltrhwa6r6D2xOw Yt7DWYKGqVJ9c4iPK5L eVj6amLHhwlk6VoPUj2GNWENVoyFG0NVDGQERAtHw0hVAxQ==-G2EAAGTZXEyYxW1AancBhxywv3VJyILJ4XNFjKxvrGg8MXLKKtFVZCFFFVnWVBVmlrB4ZlOxLAadmAWASkBa1iS69puHt7ma 9l58zc=

http://dl.cdn.chip.eu/downloads/.../gfwlive-setup.exe

http://filehippo.com/download/file/.../

https://mega.nz/temporary/.../Fwtw1D5D

http://filehippo.com/download/file/.../

http://filehippo.com/es/download/file/.../

http://www.ranchsendgift.com/l_96frYW8Zn_PSJECsSppiNbvJA4BdKiFkcA7Y3xNFRjf5xZxRTVNlBebJ9w1jjCSBycvxA5Eojev877w9zh0ySP 1ZPl3cCZ3b DOSKPCG8V38uKHP_aOHz5uZtFTrVL8rgjJAFzbmVBTBcIgxKLRnna5TE1akqKerqHcthsSKC2aUd6w9ho0yHCY7x0hcPMbZo8ycKNeqRl y9APanCz_ice4dHw==-G2EAAGTZXEyYxW1AancBhxywv3VJyILJ4XNFjKxvrGg8MXLKKtFVZCFFFVnWVBVmlrB4ZlOxLAadmAWASkBa1iS69puHt7ma 9l58zc=

https://game-for-windows-live.softonic.com.br/download-tracker?th=1/.../3L2U sPTAiE8rdo2eKpVX0vt6EOAOIcYv4RGkgaoT2Yfr0rNAcmYMP1WVYiDxG

https://game-for-windows-live.en.softonic.com/download-tracker?th=1/.../3L2U sPTAiE8rdo2eKpVX0vt6EOAOIcYv4RGkgaoT2Yfr0rNAcmYMP1WVYiDxG

http://filehippo.com/download/file/.../

http://www.ranchsendgift.com/XLvBrK61iOUx_AWOIy2C9HhwBbNJRNTYqi_AoclkBQDlOWgJNKBUVcxe 7drQQT2jTGrjKTZkH7DSyN_bFmEPtmpOGFXYjbAfnSACs95fCrAD0 PZZ RpCQZDUIWAFZa0q6Zj ZGhSNx02Hr8o5E6l9zrKwTPvTKKF_4Z2J 968jiHumJqZjgCqfgixjASYeValj2Gk_ 1Xv0LJ8sFowIVt5KsUkbg==-G2EAAGTZXEyYxW1AancBhxywv3VJyILJ4XNFjKxvrGg8MXLKKtFVZCFFFVnWVBVmlrB4ZlOxLAadmAWASkBa1iS69puHt7ma 9l58zc=

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://www25.zippyshare.com/d/QP2thTJr/.../gfwlivesetup.exe

http://filehippo.com/download/file/.../

http://gsf-cf.softonic.com/dca/c0e/.../gfwlivesetup.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

Latest 30 of 85 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.