» chrome_setup.exe
Overview
Analysis
File Details
Downloads (1)

chrome_setup.exe

The application chrome_setup.exe has been detected as a potentially unwanted program by 14 anti-malware scanners. This particular feature is designed to hijack the browser in an attempt to prevent other resources from modify the browser's search and home pages. The file has been seen being downloaded from officialpcupdates.com.

File name:

chrome_setup.exe

MD5:

1eceae449722de8623dff7ea82a94cc8

SHA-1:

926e168d35e68f67d78c535475a22bfca14e2c83

SHA-256:

c96bf6752240b95c32d15917a7a30ae9c34c27edb4249c8fb02b52e9879d849d

Scanner detections:

14 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 8:51:09 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

8.3.1.6

avast!

Win32:PUP-gen [PUP]

2014.9-150803

Dr.Web

Adware.Downware.2216

9.0.1.0250

ESET NOD32

Win32/AdWare.iBryte.M application

9.7.0.302.0

herdProtect (fuzzy)

variant of update.exe (Adware)

2015.9.7.20

IKARUS anti.virus

PUA.SearchProtect

t3scan.1.9.5.0

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.1461

Malwarebytes

PUP.Optional.OptimumInstaller.A

v2015.09.07.08

NANO AntiVirus

Trojan.Win32.Downware.cuifvl

0.28.0.58491

Panda Antivirus

PUP/iBryte

15.09.07.08

Rising Antivirus

PE:Malware.iBryte!6.14B5

23.00.65.15905

Sophos

iBryte Optimum Installer

4.98

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.24.3

VIPRE Antivirus

Optimum Installer

27502

File size:

1.6 MB (1,648,936 bytes)

File type:

Executable application (Win16 EXE)

Common path:

C:\users\{user}\downloads\chrome_setup.exe

File PE Metadata

Compilation timestamp:

1/16/2014 8:29:09 AM

OS version:

5.0

OS bitness:

Win16

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:3+xzEeerk1X5L1qkzjskB3EHvrjBGBdBih:azEPk1FzsvfBTh

Entry address:

0x35BF5

Entry point:

E8, BE, 8C, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, C8, 4C, 47, 00, E8, C1, 35, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, B8, CF, 58, 00, 77, 22, 6A, 04, E8, C1, 8E, 00, 00, 59, 83, 65, FC, 00, 56, E8, 23, 9C, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, CD, 35, 00, 00, C3, 6A, 04, E8, A4, 8D, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 83, 3D, 14, BC, 58, 00, 00, 75, 18, E8, F9, 81, 00, 00, 6A, 1E, E8, 21, 80, 00, 00, 68, FF, 00, 00, 00, E8, 37, 4D, 00, 00, 59, 59, A1... 
[+]

Entropy:

7.0858

Code size:

390.5 KB (399,872 bytes)

The file chrome_setup.exe has been seen being distributed by the following URL.

http://officialpcupdates.com/browser-update/.../install.php?sid=&uid=&source=D-Chrome-Media1&transaction_id=052b749f-8c1b-41ff-b704-e41bb18d2512

Remove chrome_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.