chrome_setup.exe

Generic Soft

Trusted Downloads

The installer uses the InstallCore download manager, which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application chrome_setup.exe, “Generic Soft Setup” by Trusted Downloads, has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application built on the InstallCore engine. It is marketed through download portals and search ads as Google's Chrome web browser but will also install additional software offers, which include adware, PUPs and browser toolbars.
Publisher:
Trusted Downloads  (signed and verified)

Product:
Generic Soft

Description:
Generic Soft Setup

MD5:
8e3a350c8d3fa058edfdf27cdc52cab3

SHA-1:
d1de32352ff59cce9f22952aea2431d57c926630

SHA-256:
d6647097dedc6d9a6edab9dc838d187efab8645e567116592eeff9b4eeea30d0

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature, this is not set by default and is usually overlooked.

Analysis date:
5/6/2024 9:34:38 AM UTC  (today)

Scan engine | Detection | Engine version
Reason Heuristics | PUP.InstallCore (M) | 17.3.3.4

File size:
783.3 KB (802,112 bytes)

Product version:
1.7

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\chrome_setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
9/15/2014 1:00:00 AM

Valid to:
9/15/2016 12:59:59 AM

Subject:
CN=Trusted Downloads, O=Trusted Downloads, STREET="1608 S. Ashland Ave #41118", L=Chicago, S=Illinois, PostalCode=60608, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D2F38CCB3D8FCDC4C73BF2B8A9ADDC51

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
Entropy:
7.8803

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file chrome_setup.exe has been seen distributed from the following URL.

http://cdn.downloadzonefiles.org/?downloadAs=Chrome_Setup.exe&data=MnJ6NFZ1hApX0fCkkMugc3PM K1TLV /q3K5 z1rkwZjOqwKMYXEEXw3 VUXwiXdk87h5KwJM72 lSrersX6dlQXue3OSob4OhJf t3vJwNQdkDy2KaL rgCL08p8KoSDcEBgt7u02 74MSQPz9rrN AQA4LylL1vRbZqFJ8setRjj35z9gYtn8qHutYJIix/NitXHtpK6o5BfyrivnbDW6UY64EhJNGUjvDu8PEhJuWmUjWK3Pz O8mPfzEGPFPzOVR68lAZ/m/4qOh5AXcS28szG6VErrZprzz FGOia8DW75v2 ZRJo9D7t1ilbGSoj BrrYsWUXYSiABgW72fXnJAytzheLIovIOSfUw 35dmPHYmIM7XbUDLhbIAChV Ic123 Y5 7k5BUtj38yMD7Xey7VhZvDCpR42rEV 4V9VFyZYVq5LKCjszLdTBTFMrJE9ltVEMl9 ubMS5vPYUVzVy5WpFU72x5GfdRWz92Wl FNAXSneHzlWf0O2VV9FsIjMCZblhyaVq9dk8BDDrBJyCt NAQHOYG F4WPsHFKKR4yeip94CQtrwWrNUx7mejUayR9a22sMCZ5V8yx0EI/Pe3Emp /IzjlPoDtw5ZdQoWb1GgVlyNPfgKOgpFOEprebF/E4USPEy7RyFl1T8oMlOZFKXqwCMR3Tk DZcL7GEtFsJKD6lYSOS4QpaQI 4id4HpNLObYl14NveMDErD7AC2mppOogH0YN6Cdvrx0HfbZWs8mIpAeCBBFrAZ8bB xOawGCxZQKVj/.../Ww 9Fn7YIORP9xOSzOi5DOgppeGAu5mWu4kzNQSb2 06MUucLxgY2A7jlpdwrN02ea2Ysy0cnuTWgk8ROQ j2zwD&key=m7CVgjmpskhuySb3XfMlJ8sIjqVUSKzptEOX270SL2zP
