SFXCAB.EXE

Self-Extracting Cabinet

Microsoft Corporation

This is installed with Microsoft Silverlight. The file has been seen being downloaded from 10.67.48.103 and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
Self-Extracting Cabinet

Version:
5.1.20125.0

MD5:
ca4a499386723de11ebaf419fb90b8e3

SHA-1:
786b5fe03d318f0f0e04ec2bc7f329e8cfc6e761

SHA-256:
f50429dfe7fc18033dc05748fa5bb61e443df8745baefe99e2806d808ca86cf5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
6/25/2018 8:40:51 AM UTC  (today)

File size:
6.6 MB (6,953,496 bytes)

Product version:
5.5.0031.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
SFXCAB.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\sfxcab.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
9/4/2012 5:42:09 PM

Valid to:
3/4/2013 4:42:09 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
330000009D1E8D27AEB8F3D83800010000009D

File PE Metadata
Compilation timestamp:
6/24/2004 8:14:00 PM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
196608:k/e2Emd1J0++xUFqZ4a0QeZY0Xx7WnsJ5F6EmO9IUWpmEN:k/lE60hUq2AYY0UsX0fzZp7

Entry address:
0x5892

Entry point:
E9, 68, FA, FF, FF, 8B, 44, 24, 04, EB, 17, 80, F9, 3B, 75, 0C, 84, C9, 74, 14, 40, 8A, 08, 80, F9, 0A, 75, F4, 80, 38, 20, 7F, 09, 40, 8A, 08, 84, C9, 75, E3, 33, C0, C2, 04, 00, 8B, 4C, 24, 04, EB, 05, 84, C0, 74, 11, 41, 8A, 01, 3C, 0A, 75, F5, 41, 51, E8, C0, FF, FF, FF, C2, 04, 00, 33, C0, EB, F9, 53, 8B, 5C, 24, 0C, 56, 8B, 74, 24, 0C, 57, C6, 03, 00, EB, 0C, 56, E8, CB, FF, FF, FF, 8B, F0, 85, F6, 74, 2D, 80, 3E, 5B, 75, EF, 8D, 46, 01, EB, 0A, 84, C9, 74, 1F, 80, F9, 20, 7E, 0A, 40, 8A, 08, 80, F9...
 
[+]

Entropy:
7.9997  (probably packed)

Code size:
30 KB (30,720 bytes)

The file SFXCAB.EXE has been discovered within the following program.

Microsoft Silverlight  by Microsoft Corporation
Microsoft Silverlight is an application framework for writing and running rich Internet applications, with features and purposes similar to those of Adobe Flash. The run-time environment for Silverlight is available as a plug-in for web browsers running under Microsoft Windows.
www.silverlight.net
8% remove it
 
Powered by Should I Remove It?

The file SFXCAB.EXE has been seen being distributed by the following 50 URLs.

http://10.67.48.103/cobasit1000/.../download.aspx?Version=5.1.20125.0

http://nhapdiem.vn/.../silverlight4.exe

http://192.168.13.117/.../Silverlight.exe

http://sabtamar.ir/Dafater/.../SilverLight.exe

http://192.168.1.99/.../Silverlight.exe

http://200.123.198.82:8080/.../Silverlight.exe

http://192.23.1.151/.../Silverlight.exe

http://silverlight.dlservice.microsoft.com/download/6/A/1/6A13C54D-3F35-4082-977A-27F30ECE0F34/10329.00/.../Silverlight.exe

http://app.smarteach.com/home/Course_Offered/UGMED/IMA_Demo/CBT/.../Silverlight.exe

http://download-euro.oldapps.com/.../Silverlight_5.1.20125.0.exe

http://200.123.197.110:8080/.../Silverlight.exe

http://192.168.1.109/.../Silverlight.exe

http://46.100.41.94:8092/.../Silverlight.exe

http://192.168.2.116/.../Silverlight.exe

http://192.168.1.100/.../Silverlight.exe

http://192.168.0.254:10012/.../Silverlight.exe

http://41.48.21.74/msupdate/5/A/C/5AC56802-B26B-4876-8872-7303C8F27072/20125.00/.../Silverlight.exe

Latest 30 of 76 download URLs