» setupproplusretail.x86.en-us.exe
Overview
Analysis
File Details
Downloads (116)

setupproplusretail.x86.en-us.exe

Microsoft Office 2016

Microsoft Corporation

File name:

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft Office 2016

Description:

Microsoft Office

Version:

16.0.6326.1019

MD5:

b550f2ac2c9db9af8c306a530a34440a

SHA-1:

09ca3b8dcb5c13aa5af1e8d573c0890b01e15b0b

SHA-256:

5f10b6e6f8502f4f8360dd7e7047350db5ee45f67df6aaf6c50bef61d0364f4a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/19/2024 11:56:09 PM UTC (a few moments ago)

File size:

3.1 MB (3,201,216 bytes)

Product version:

16.0.6326.1019

Original file name:

Bootstrapper.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\setupproplusretail.x86.en-us.exe

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

6/4/2015 1:42:45 PM

Valid to:

9/4/2016 1:42:45 PM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

330000010A2C79AED7797BA6AC00010000010A

File PE Metadata

Compilation timestamp:

1/6/2016 9:17:13 AM

OS version:

5.2

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

49152:knUBJZsYIYKSv2nPFSCD65UwlEQ0/Ogucm8SdtuTj3byjwYWlkssvNEpKgSFnU:zBJi1Ko0CD6KlRZm7wY2sc

Entry address:

0x10992A

Entry point:

E8, 96, 12, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, 48, 3C, 03, C8, 0F, B7, 41, 14, 8D, 51, 18, 03, D0, 0F, B7, 41, 06, 6B, F0, 28, 03, F2, 3B, D6, 74, 19, 8B, 4D, 0C, 3B, 4A, 0C, 72, 0A, 8B, 42, 08, 03, 42, 0C, 3B, C8, 72, 0C, 83, C2, 28, 3B, D6, 75, EA, 33, C0, 5E, 5D, C3, 8B, C2, EB, F9, E8, 18, 17, 00, 00, 85, C0, 75, 03, 32, C0, C3, 64, A1, 18, 00, 00, 00, 56, BE, E0, D1, 65, 00, 8B, 50, 04, EB, 04, 3B, D0, 74, 10, 33, C0, 8B, CA, F0, 0F, B1, 0E, 85, C0, 75, F0, 32, C0, 5E, C3, B0... 
[+]

Entropy:

6.5703

Code size:

1.5 MB (1,579,008 bytes)

The file setupproplusretail.x86.en-us.exe has been seen being distributed by the following 50 URLs.

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-GB&id=g506f64303235h7c572b438a0b4a5e875b477e79df383e&receipt_id=844657343&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=76T2Y-N7FTQ-28QMP-YVK2Q-H22QV

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-GB&id=g506f64303931hfddce81e126a4dbe9a11488607f9f1e2&receipt_id=477620257&local_only=true&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=NRRX4-FKTJ8-DJGXW-TTVCX-TF4HH

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-GB&id=g506f64303932h2fc8af24897e4bf787a10932ed737835&receipt_id=552326506&local_only=true&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&language=en-US&TaxRegion=PR&Source=O16HUP&ProductreleaseID=ProPlusRetail&version=O16GA&platform=x86&token=JXQPN-FQKXP-WDBJ7-DM2K6-KTPQV

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234hdc43400495f84ed79457abbce805e167&receipt_id=865688425&local_only=true&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=KYNX6-JC3R9-CC78F-XB2PQ-H22QV

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234hac515982099b4e3aafb348b1c9ef70f3&receipt_id=865699076&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235he63697d2e4c24d2a974cae055f5ff97f&receipt_id=844474102&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=PT9NK-BCVXJ-42KTP-HJBPT-RRG97

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h3a87bed608b54979b83f766bcc5af96f&receipt_id=844733905&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-CA&id=g506f64303234h955d3eebfbb448ec967e2b28c5aebd47&receipt_id=865709461&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=BGNVQ-PM7FT-HRD72-CXTX9-RM6DV

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=QBPN9-GR2WJ-8C9CX-XRTHM-X4TDV

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-GB&id=g506f64303235hc5d378b5f5ca4fb4a5c8bf55ccecdd52&receipt_id=844817490&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234hbd1a3d01f7db42d2867f052779777fb3&receipt_id=865702266&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-CA&id=g506f64303234hb4a771c1cbb74065ae0343fc49e723bb&receipt_id=865706938&local_only=true&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h6b79fd2e038743b89c7d254fe6dd0c43&receipt_id=844827670&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?act=1&TaxRegion=PR&&Language=en-us&Platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16VLAP&token=MN8Q2-FQYKH-44YQT-DC2C2-HH697

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235ha9fb1a0b1a6d453dbbe4b834d93ee3d8&receipt_id=844824210&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h9f420a5be1a8425998965cf835ee540e&receipt_id=844821211&local_only=true&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234hbbe8f3e4efb048c2b6ef538d7ace5a19&receipt_id=865685594&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h7dd8066dbc144360bedaf47b8917f1e0&receipt_id=865686334&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234h5166c1fc26e84729b017203c89fe4514&receipt_id=865670296&local_only=true&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h5d931a711401431dba9385a243e2209c&receipt_id=844457776&dname=O16.download.name.32

https://c2rsetup.officeapps.live.com/.../download.aspx?TaxRegion=PR&platform=x86&ProductreleaseID=ProPlusRetail&version=O16GA&Source=O16HUP&act=1&language=en-US&token=PCRHN-JHQ2H-QRH4X-9HCJJ-D9MVH

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303234hf87e59d013484acf9e1e89597d9ae254&receipt_id=865713079&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h351754f61beb4e86a347ef60dbb26ec0&receipt_id=844577777&dname=O16.download.name.32

http://www.microsofthup.com/.../unitdownloader.aspx?culture=en-US&id=g506f64303235h90af835991e8440e90ae133321fa9086&receipt_id=844798647&dname=O16.download.name.32

Latest 30 of 116 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.