» outlook_extensions_setup64.exe
Overview
Analysis
File Details
Downloads (1)

outlook_extensions_setup64.exe

Oracle America, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from stbeehive.oracle.com.

File name:

Publisher:

Oracle America, Inc. (signed and verified)

MD5:

2ea78d22f6f5756cf8a83f366bac3162

SHA-1:

354e85252b6631499462f52c9ed6c64860b83d70

SHA-256:

cf4673bc5ebfc640b5dbf833494bc600e8a9be4834e2e44abde50f9c878ff787

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 10:00:40 PM UTC (today)

File size:

14.1 MB (14,756,272 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\outlook_extensions_setup64.exe

Digital Signature

Signed by:

Oracle America, Inc.

Authority:

VeriSign, Inc.

Valid from:

7/6/2010 6:00:00 PM

Valid to:

7/6/2013 5:59:59 PM

Subject:

CN="Oracle America, Inc.", OU=Software Engineering, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Oracle America, Inc.", L=Redwood Shores, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

5EF1DC1EFB1E46B5DE80EDE1762A55A7

File PE Metadata

Compilation timestamp:

3/28/2012 1:04:41 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

393216:xmIr34OXHGk0ucVdg1RNYkUWDRBemDPXn:xmIr3Zmo1RAeBF7

Entry address:

0xEF00

Entry point:

48, 83, EC, 28, E8, 13, 5E, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 10, 57, 48, 83, EC, 60, 48, 8B, FA, 48, 8B, D9, 48, 8D, 4C, 24, 20, 48, 8D, 15, B0, 86, 01, 00, 41, B8, 40, 00, 00, 00, E8, C5, DB, FF, FF, 48, 8D, 54, 24, 70, 48, 8B, CF, 48, 89, 5C, 24, 48, 48, 89, 7C, 24, 50, E8, 82, 9B, 00, 00, 4C, 8B, D8, 48, 89, 44, 24, 70, 48, 89, 44, 24, 58, 48, 85, FF, 74, 1E, F6, 07, 08, B9, 00, 40, 99, 01, 74, 06, 89, 4C, 24, 40, EB, 0E, 8B, 44, 24, 40, 4D, 85, DB, 0F, 44, C1, 89, 44... 
[+]

Entropy:

7.9971 (probably packed)

Code size:

152 KB (155,648 bytes)

The file outlook_extensions_setup64.exe has been seen being distributed by the following URL.

https://stbeehive.oracle.com/content/dav/st/Beehive Early Adoption Program/Public Documents/.../outlook_extensions_setup64.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.