home

windowsxp-kb823980-x86-cht.exe

Microsoft Windows Operating System

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from download.microsoft.com.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft(R) Windows(R) Operating System

Description:
Self-Extracting Cabinet

Version:
5.3.0018.1 (xpclnt_qfe.020226-1835)

MD5:
db1a7030f1da3bb2c7f20a8f8a95e0a6

SHA-1:
4773afca1f17105f49beb3e6cc7f242c3a0f3984

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/25/2024 8:55:08 AM UTC  (today)

File size:
1.2 MB (1,290,016 bytes)

Product version:
5.3.0018.1

Copyright:
(C) Microsoft Corporation. All rights reserved.

Original file name:
SFXCAB.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\windowsxp-kb823980-x86-cht.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
5/30/2002 3:32:40 AM

Valid to:
7/30/2003 3:42:40 AM

Subject:
CN=Microsoft Windows XP Publisher, OU=Copyright (c) 2002 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Windows Verification Intermediate PCA, OU=Copyright (c) 1999 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=WA, C=US

Serial number:
610E3B71000000000027

File PE Metadata
Compilation timestamp:
4/24/2003 7:54:04 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
24576:pfljInLxu+HVKl1ZVcEtwyRBzY+KmZjm8vCn2mpa37vKN6AVOVZGRvvE7KwJ8b33:pfZCLQs61zBVS+Km5KZpa37HfyRsKfbn

Entry address:
0x41FD

Entry point:
E9, C5, FA, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 68, 04, 08, 00, 00, FF, D6, 59, 33, C9, 3B, C1, 75, 0F, 51, 6A, 05, FF, 75, 28, E8, 2E, 11, 00, 00, 33, C0, EB, 69, 8B, 55, 0C, 83, 88, 88, 00, 00, 00, FF, 83, 88, 84, 00, 00, 00, FF, 89, 50, 04, 8B, 55, 10, 89, 50, 0C, 8B, 55, 14, 89, 50, 10, 8B, 55, 18, 89, 50, 14, 8B, 55, 1C, 89, 50, 18, 8B, 55, 20, 89, 50, 1C, 8B, 55, 24, 89, 50, 20, 8B, 55, 28, 89, 48, 48, 89, 48, 44, 89, 48, 4C, B9, FF, FF, 00, 00, 89, 70, 08, 89, 10, 66, C7, 80, B2, 00, 00, 00, 0F, 00...
 
[+]

Entropy:
7.9955

Developed / compiled with:
Microsoft Windows Update CAB SFX module

Code size:
21.5 KB (22,016 bytes)

The file windowsxp-kb823980-x86-cht.exe has been seen being distributed by the following URL.

https://download.microsoft.com/download/2/3/6/.../WindowsXP-KB823980-x86-CHT.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.