The Setup es ES WW4YF NXTRC XD9KX GFB9D 8MCW3 2024 exe (Office Deployment Tool) Office Deployment Tool File Malware Analysis
Gridinsoft Logo
File Icon

The Setup_es-ES_WW4YF-NXTRC-XD9KX-GFB9D-8MCW3_2024.exe (Office_Deployment_Tool) File Analysis

Updated 5 hours ago
Checked by Malware Check
Setup_es-ES_WW4YF-NXTRC-XD9KX-GFB9D-8MCW3_2024.exe

Technical Analysis

File Name Setup_es-ES_WW4YF-NXTRC-XD9KX-GFB9D-8MCW3_2024.exe
File Type
PE32+ executable (console) x86-64, for MS Windows
Scanner Version 1.0.231.174
Database Version 2025-12-25 21:00:33 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
14,651,776
File Size (bytes)
2025-12-25
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
bc96012ff8054386dca73b5edbf507f0
SHA1
d5096d93d073ef8d0b6cec5ec3dcac60e97a0459
SHA256
c1ec39d95e6de7bd09f66e1eb7d4d2cedf3b0b33dc8281382743e0f9e76db1a6
SHA512
e5942adb09c63b19a2a9e26de22a31f009f02fdbe454af855f661b555f2a50312dc393c185cd70684bd7206dd99e6a4e6d651ad5ee9ed859c086ded66f8f5b8d
ImpHash
4b1892ce4fbcfcf064c6f69d693fc6a5

PE Analysis

Basic Information

Icon
Hash: cf8b3d44cc80ac3d3f5b2c3f6848133a
Fuzzy: 71fcd2e860bbcd562ce257f969072383
dHash: e0c8ccc6c6c6c0e0
Image Base 0x140000000
Entry Point 0x1405c98b0
Compilation Time 2025-03-15 02:55:03
Checksum 0x00df9b7b (Actual: 0x00df9b7b)
OS Version 6.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
PDB Path D:\a\_work\1\s\artifacts\obj\coreclr\windows.x64.Release\Corehost.Static\singlefilehost.pdb
Digital Signature An error occurred while validating the countersignature: The root Certum Trusted Network CA 2 lists its extended key usages, but {'time_stamping'} are not present
Imports 17 libraries
Exports 5 functions
Resources 10 Resources
Sections 10 Sections

Version Information

Translation 0x0000 0x04b0
CompanyName Office_Deployment_Tool
FileDescription Office_Deployment_Tool
FileVersion 1.0.0.0
InternalName Office_Deployment_Tool.dll
LegalCopyright
OriginalFilename Office_Deployment_Tool.dll
ProductName Office_Deployment_Tool
ProductVersion 1.0.0+feeb4209db0e94959c16fe17de057605f99413c8
Assembly Version 1.0.0.0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 6,371,612 bytes 6,371,840 bytes 6.45 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 80BF0F853DB1F0A796C6B1C857467612
.CLR_UEF 0x00615000 221 bytes 512 bytes 3.10 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 540F4A8B81FEEA585245D5ED6423A625
.rdata 0x00616000 1,558,114 bytes 1,558,528 bytes 5.66 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3CC0524FF4ADC18DE24042932E2F74A9
.data 0x00793000 131,028 bytes 38,912 bytes 3.33 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 19AAC5B31A3EA9CF3B5089CB3FA43B0E
.pdata 0x007b3000 221,160 bytes 221,184 bytes 6.51 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ BCC30C301C87592088BA1A74F2770514
.didat 0x007e9000 56 bytes 512 bytes 0.43 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 89BDD1079AD6092AD6E20BAF117532C0
Section 0x007ea000 8 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
_RDATA 0x007eb000 78,344 bytes 78,848 bytes 5.48 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 617430A8CD708DDA1865FEE2910D8A1A
.rsrc 0x007ff000 1,431,428 bytes 1,431,552 bytes 6.22 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B3E493B03EE2547BD4B3342B34960538
.reloc 0x0095d000 32,296 bytes 32,768 bytes 5.45 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 20082470B1A239F83DE2B2DAB7B27921
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 10 (1,430,657 bytes)
Resource Type Count Total Size Percentage
RT_ICON 4 82,656 bytes
5.8%
RT_RCDATA 3 1,343,600 bytes
93.9%
RT_GROUP_ICON 1 62 bytes
0%
RT_VERSION 1 928 bytes
0.1%
RT_MANIFEST 1 3,411 bytes
0.2%

Certificate Chain Analysis

Certificate Information
Product Office_Deployment_Tool
Description Office_Deployment_Tool
File Version 1.0.0.0
Original Name Office_Deployment_Tool.dll
Signing Date 10:45 PM 04/27/2025 (242 days ago)
Verification Status Signed
Signers AGM Software OÜ; Certum Extended Validation Code Signing 2021 CA; Certum Trusted Network CA 2; Certum Trusted Network CA
Counter Signers Certum Timestamp 2025; Certum Timestamping 2021 CA; Certum Trusted Network CA 2; Certum Trusted Network CA
Internal Name Office_Deployment_Tool.dll
Certificate Chain Summary
.NET DAC #1 Primary
Validity Period: 2024-10-10 20:21:25 → 2025-07-04 20:21:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 05 B3 02 17 FC 2A 4C 56 98 3B 00 00 00 00 05 B3
Microsoft Code Signing PCA 2010 #2 Chain
Validity Period: 2010-07-06 20:40:17 → 2025-07-06 20:50:17
Signature Algorithm: sha256RSA
Serial Number: 61 0C 52 4C 00 00 00 00 00 03
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2024-07-25 18:31:22 → 2025-10-22 18:31:22
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 02 01 D1 45 59 98 10 CC 42 4F 00 01 00 00 02 01
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15
Certum Trusted Network CA 2 #5 Chain
Validity Period: 2021-05-31 06:43:06 → 2029-09-17 06:43:06
Signature Algorithm: sha384RSA
Serial Number: 1B B5 8F 25 2A DF 23 00 49 28 C9 AE 3D 7E ED 27
Certum Timestamp 2025 #6 Chain
Validity Period: 2025-01-09 08:40:43 → 2036-01-07 08:40:43
Signature Algorithm: sha384RSA
Serial Number: 9E 9C 04 F6 55 A8 B4 A7 02 6D 49 8C 6C 78 8D AA
Certum Timestamping 2021 CA #7 Chain
Validity Period: 2021-05-19 05:32:07 → 2036-05-18 05:32:07
Signature Algorithm: sha384RSA
Serial Number: E7 FF 69 C7 3B 35 CE 4B 91 26 D8 74 7C 68 A5 87
Certum Extended Validation Code Signing 2021 CA #8 Chain
Validity Period: 2021-05-19 05:32:13 → 2036-05-18 05:32:13
Signature Algorithm: sha384RSA
Serial Number: BB F0 CC B5 B7 B8 31 FD 21 AE 32 77 8A E4 0C 89
AGM Software OÜ #9 Chain
Validity Period: 2024-05-17 12:08:57 → 2025-05-17 12:08:56
Signature Algorithm: sha256RSA
Serial Number: 04 51 56 00 AF 94 B0 95 1F B6 28 12 AD D4 70 B6

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

An error occurred while validating the countersignature: The root Certum Trusted Network CA 2 lists its extended key usages, but {'time_stamping'} are not present

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware