home

q331953_w2k_sp4_x86_en.exe

Self-Extracting Cabinet

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
Self-Extracting Cabinet

Version:
5.3.0010.0 (xpclnt_qfe.020226-1835)

MD5:
80e059a7bd9be0ae5ca540dc000856dd

SHA-1:
14e79733a2fcb8c11f24a48a609428d9b770bee4

SHA-256:
62ccd5b13ab1d3bd75cf81dcd5f7b18244012564d7403eb9230ebe19587573de

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/19/2024 12:30:06 AM UTC  (today)

File size:
1.4 MB (1,435,760 bytes)

Product version:
5.3.0010.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
SFXCAB.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\Documents and Settings\{user}\My documents\q331953_w2k_sp4_x86_en.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
10/18/2002 3:02:14 PM

Valid to:
12/18/2003 2:12:14 PM

Subject:
CN=Microsoft Windows 2000 Publisher, OU=Copyright (c) 2002 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Windows Verification Intermediate PCA, OU=Copyright (c) 1999 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=WA, C=US

Serial number:
6105767400000000002D

File PE Metadata
Compilation timestamp:
11/13/2002 3:14:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
24576:VE8gGsA+ek4jvUCVfD7oq12xnrZY1G06xlCs5CFsvNnysEpj9RbJ9gxtqTBiRHC7:Ves+exj15n9kxnrZYXGkDFsvNnyrjjbp

Entry address:
0x4199

Entry point:
E9, 52, F2, FF, FF, CC, CC, 8D, 42, FF, 5B, C3, 8D, A4, 24, 00, 00, 00, 00, 8D, 64, 24, 00, 33, C0, 8A, 44, 24, 08, 53, 8B, D8, C1, E0, 08, 8B, 54, 24, 08, F7, C2, 03, 00, 00, 00, 74, 13, 8A, 0A, 42, 38, D9, 74, D1, 84, C9, 74, 51, F7, C2, 03, 00, 00, 00, 75, ED, 0B, D8, 57, 8B, C3, C1, E3, 10, 56, 0B, D8, 8B, 0A, BF, FF, FE, FE, 7E, 8B, C1, 8B, F7, 33, CB, 03, F0, 03, F9, 83, F1, FF, 83, F0, FF, 33, CF, 33, C6, 83, C2, 04, 81, E1, 00, 01, 01, 81, 75, 1C, 25, 00, 01, 01, 81, 74, D3, 25, 00, 01, 01, 01, 75...
 
[+]

Entropy:
7.8350

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
111 KB (113,664 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.