home

bsetup.exe

MD5:
81555ca24848d2e8674a9a054bde86a2

SHA-1:
eade780c9742699232ec549507df70a3fad46bf8

SHA-256:
3f4d64eecfdb04b5b6e1ac72e40e211980ac50f4d485efada52ecb4bf21e142f

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/29/2024 10:08:42 AM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
TrojWare.Win32.TrojanDropper.Shutdown.~A
4641

Dr.Web
BackDoor.Radmin.60
9.0.1.074

Prevx
High Risk Worm
3.0

Vba32 AntiVirus
Trojan.BAT.FormatC
3.12.12.4

File size:
10.6 KB (10,844 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\bsetup.exe

File PE Metadata
Compilation timestamp:
3/21/2003 11:47:01 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.55

Entry address:
0x11CB

Entry point:
64, A1, 00, 00, 00, 00, 55, 89, E5, 6A, FF, 68, 1C, 40, 40, 00, 68, 9A, 10, 40, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 10, 53, 56, 57, 89, 65, E8, 68, 28, 40, 40, 00, 68, 24, 40, 40, 00, 68, 20, 40, 40, 00, E8, DB, 15, 00, 00, FF, 35, 28, 40, 40, 00, FF, 35, 24, 40, 40, 00, FF, 35, 20, 40, 40, 00, 89, 25, 14, 40, 40, 00, E8, F6, 13, 00, 00, 83, C4, 18, 31, C9, 89, 4D, FC, 50, E8, C8, 15, 00, 00, C9, C3, 00, 00, 64, A3, 00, 00, 00, 00, C3, 00, 68, 24, 02, 00, 00, 68, 00, 30, 40, 00, E8, 11, 15, 00, 00...
 
[+]

Entropy:
4.8263

Developed / compiled with:
Microsoft Visual C++ (3.0 old crap)

Code size:
6.5 KB (6,656 bytes)

Scan bsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.