» chrome_setup.exe
Overview
Analysis
File Details
Downloads (1)

chrome_setup.exe

The application chrome_setup.exe has been detected as a potentially unwanted program by 14 anti-malware scanners. This particular feature is designed to hijack the browser in an attempt to prevent other resources from modify the browser's search and home pages. The file has been seen being downloaded from officialpcupdates.com.

File name:

chrome_setup.exe

MD5:

6cafd5f462a55822844e1ad7d77c035f

SHA-1:

5d81d359370645d7b8211e4c68953ff9e1ab9b8d

SHA-256:

e1d6126cf5afc711cffab00e45058809196a68a18e00434c879961dc981a95f8

Scanner detections:

14 / 68

Status:

Potentially unwanted

Analysis date:

4/18/2024 12:53:16 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

8.3.1.6

avast!

Win32:PUP-gen [PUP]

2014.9-150803

Dr.Web

Adware.Downware.2216

9.0.1.0250

ESET NOD32

Win32/AdWare.iBryte.M application

9.7.0.302.0

herdProtect (fuzzy)

variant of update.exe (Adware)

2015.9.7.20

IKARUS anti.virus

PUA.SearchProtect

t3scan.1.9.5.0

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.1461

Malwarebytes

PUP.Optional.OptimumInstaller.A

v2015.09.07.08

NANO AntiVirus

Trojan.Win32.Downware.cuifvl

0.28.0.58491

Panda Antivirus

PUP/iBryte

15.09.07.08

Rising Antivirus

PE:Malware.iBryte!6.14B5

23.00.65.15905

Sophos

iBryte Optimum Installer

4.98

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.24.3

VIPRE Antivirus

Optimum Installer

27502

File size:

1.6 MB (1,648,936 bytes)

File type:

Executable application (Win16 EXE)

Common path:

C:\users\{user}\downloads\chrome_setup.exe

File PE Metadata

Compilation timestamp:

1/16/2014 8:29:09 AM

OS version:

5.0

OS bitness:

Win16

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:H+xzEeerk1X5L1qkzjskB3EHvrjBGBdMi6:KzEPk1FzsvfBu6

Entry address:

0x35BF5

Entry point:

E8, BE, 8C, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, C8, 4C, 47, 00, E8, C1, 35, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, B8, CF, 58, 00, 77, 22, 6A, 04, E8, C1, 8E, 00, 00, 59, 83, 65, FC, 00, 56, E8, 23, 9C, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, CD, 35, 00, 00, C3, 6A, 04, E8, A4, 8D, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 83, 3D, 14, BC, 58, 00, 00, 75, 18, E8, F9, 81, 00, 00, 6A, 1E, E8, 21, 80, 00, 00, 68, FF, 00, 00, 00, E8, 37, 4D, 00, 00, 59, 59, A1... 
[+]

Entropy:

7.0858

Code size:

390.5 KB (399,872 bytes)

The file chrome_setup.exe has been seen being distributed by the following URL.

http://officialpcupdates.com/browser-update/.../install.php?sid=&uid=&source=D-Chrome-Media1&transaction_id=052b749f-8c1b-41ff-b704-e41bb18d2512

Remove chrome_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.