» setup.x86.nb-no_o365proplusretail_9909de81-729f-4795-a068-ccd2757a0cf1_tx_pr_.exe
Overview
Analysis
File Details
Downloads (30)

setup.x86.nb-no_o365proplusretail_9909de81-729f-4795-a068-ccd2757a0cf1_tx_pr_.exe

Microsoft Office

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from c2rsetup.officeapps.live.com and multiple other hosts.

File name:

setup.x86.nb-no_o365proplusretail_9909de81-729f-4795-a068-ccd2757a0cf1_tx_pr_.exe

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft Office

Description:

Microsoft Office Klikk og bruk

Version:

15.0.4787.1002

MD5:

f3143990fffcf7a62189c0f405b2b5ff

SHA-1:

f8b122aef7f4d0284d503a2aef7eed9c596080e4

SHA-256:

5a29f033dde42f24bb3b4789b7375560f2c785dcdc2f167b4a11e2a68c936156

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/27/2024 12:06:28 AM UTC (today)

File size:

1.1 MB (1,104,576 bytes)

Product version:

15.0.4787.1002

Original file name:

Bootstrapper.exe

File type:

Executable application (Win32 EXE)

Language:

Norsk bokmål (Norge)

Common path:

C:\users\{user}\downloads\setup.x86.nb-no_o365proplusretail_9909de81-729f-4795-a068-ccd2757a0cf1_tx_pr_.exe

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

330000010A2C79AED7797BA6AC00010000010A

File PE Metadata

Compilation timestamp:

12/23/2015 6:14:45 AM

OS version:

5.2

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.10

CTPH (ssdeep):

24576:4AdmaIi6VkH0lv8PWTKHW5uWev07Nq/Ed9xysJ/0qTsd:4AdmaHCQmV5uW2P/2bysJJW

Entry address:

0x5FCDD

Entry point:

E8, 5D, 53, 00, 00, E9, 81, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, 95, 10, 00, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, E4, 12, 40, 00, 57, FF, 35, 68, 9E, 4E, 00, FF, D6, FF, 35, 64, 9E, 4E, 00, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, 87, 54, 00, 00, 8B, D8, 8D, 47, 04, 59, 3B, D8, 73, 48, B8, 00, 08, 00, 00, 3B, D8, 73, 02, 8B, C3, 03, C3, 3B, C3, 72, 0F, 50, FF, 75, FC, E8, 15, 54, 00, 00, 59, 59, 85, C0, 75, 16, 8D... 
[+]

Code size:

888.5 KB (909,824 bytes)

The file setup.x86.nb-no_o365proplusretail_9909de81-729f-4795-a068-ccd2757a0cf1_tx_pr_.exe has been seen being distributed by the following 30 URLs.

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=f5e3f8b6-6669-4312-84c6-cbb055438019&token=55b38c9e-d2d8-4571-b228-0d17c24a9f1c&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=176be141-8835-4c78-90a7-e2b1037ca2bd&token=46084d80-73d2-4922-b789-e53a55ca8b91&version=O15GA&source=O15OLSO365

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=dc621aba-3320-4f33-b0b9-0ba9868ecd42&token=448e340c-22da-4e43-9f81-72eb07d70b67&version=O15GA&source=O15OLSO365&B=3

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=a1d7e67c-c207-4b01-911c-be270427091e&token=7a9c0459-2c7f-42c1-be15-f097a2a0e62f&version=O15GA&source=O15OLSO365&B=3

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=b7d5415f-5fbe-410c-b0e4-928dadd1f53f&token=a8283804-6365-463a-ae66-4e7e66b1af6f&version=O15GA&source=O15OLSO365&B=3

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=c866500c-6544-4e6f-aa34-1d0ba537e4cd&token=43de73fc-4b2d-4181-a582-5101d5cde96c&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=8c1d363a-d419-447b-99cb-62c49c95d32e&token=3ac2e21e-457d-4056-805b-9f2dcf72c04f&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=e0fb839e-5e11-487d-932d-b11c166ad7af&token=ef1cce54-2cda-4fb8-a934-797d848516a5&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=b3fba103-244f-4f1b-87e5-bd6922c9aca8&token=e0f325e6-fc65-4efd-9016-15f9782b9ee0&version=O15GA&source=O15OLSO365&B=3

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=1badf71a-c6cd-426a-983b-7033be0da44c&token=86043fb9-6600-4049-b313-de371c66ae31&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=03a6bac9-0bd9-48f3-a5f2-d73c49b775a0&token=fdf5884d-34d3-4d9b-9d01-288bf331f3e5&version=O15GA&source=O15OLSO365

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=8eec056b-0e70-4b01-91c6-94acafad53f6&token=094294c8-2878-4509-9b49-f0e17a9cfea8&version=O15GA&source=O15OLSO365

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=c0ef4bfe-c336-4c30-aea7-117c27d0d3f4&token=c3b2f7b3-8db5-4839-ba29-c36ff1e42f72&version=O15GA&source=O15OLSO365&B=2

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=56194b1c-7033-4169-b19f-6ddc4f2fbcd2&token=a8f4886c-845a-4569-b309-4013026ea5ba&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=cae7939d-4bac-49ed-a35c-5fb94ba9a9a6&token=3b99b27b-8b69-45fb-bec0-c6b732257573&version=O15GA&source=O15OLSO365&B=3

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=ee327d86-7f6d-44eb-bbf7-4d717fe1706f&token=83442f7b-9089-4b0d-9dbc-e93e12a8067f&version=O15GA&source=O15OLSO365&B=3

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=57f8c765-1f85-4d80-91d4-c6109db17c43&token=991eb06b-f3d1-427f-82c0-d16c73c8ff41&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=a11338a1-d7f7-41d2-a4a9-7178f7a02345&token=3a67b60f-484d-497d-9e68-1141df75cc89&version=O15GA&source=O15OLSO365

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=ab665baa-e846-43ba-91b9-438cb4c1d566&token=a0a94ee7-ddf1-4660-b725-d8051161f8e1&version=O15GA&source=O15OLSO365

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=7a686e0e-1c1c-48e2-be88-145924154537&token=c073b7ed-7ee5-4823-89a4-9cd22346a78d&version=O15GA&source=O15OLSO365&B=3

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=dbc46119-5b08-4c40-92f5-40e6f34a38b9&token=759f27a2-c18a-417d-ae6d-34f341170507&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=7bef5f0e-2362-4a3d-99e5-9248a12f6308&token=be8cf076-37c1-43a4-a2b6-85156a8d1e52&version=O15GA&source=O15OLSO365

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=663003c2-7e83-4db5-a308-8962360e1192&token=673e30dc-c2cb-40ce-893a-d4fd9b63766e&version=O15GA&source=O15OLSO365

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=d900f964-86da-4deb-98e8-ca36ea025938&token=24b8c8bb-08dc-4a0f-945a-5961f75f5035&version=O15GA&source=O15OLSO365&B=3

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=99621472-fdb6-433a-8456-29136f522bf3&token=e3c80647-c565-41dc-8788-fe876a896842&version=O15GA&source=O15OLSO365

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=cf9c0722-5f96-43e0-a141-722f36c3ec25&token=afed6930-0941-4ff1-bd2f-402fd4158033&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=45a50e08-b26e-4ca4-a2af-750ab8030b3d&token=2ea1e956-4b36-43b5-b976-d31021ceb0e7&version=O15GA&source=O15OLSO365

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=10acc00d-8431-422f-b519-f3508f77ae33&token=c7299094-e6d5-49c0-8747-cfab796381a7&version=O15GA&source=O15OLSO365&B=0

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-NO&TaxRegion=pr&correlationId=c3ae436e-d376-4f8c-ac98-1cb94d42a224&token=9e5df275-f652-49c7-a27e-f99f24085bc8&version=O15GA&source=O15OLSO365&B=3

https://c2rsetup.officeapps.live.com/.../download.aspx?productReleaseID=O365ProPlusRetail&platform=X86&language=nb-no&TaxRegion=pr&correlationId=885dd5f0-62d5-41a0-ac97-b1ec2e36c54f&token=9909de81-729f-4795-a068-ccd2757a0cf1&version=O15GA&source=O15OLSO365

Latest 30 of 30 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.