home

diendanbaclieu.net_yusetup7.5.tmp

URSoft, Inc.

The file diendanbaclieu.net_yusetup7.5.tmp by URSoft has been detected as a potentially unwanted program by 2 anti-malware scanners. While running, it connects to the Internet address li105-80.members.linode.com on port 80 using the HTTP protocol.
Publisher:
URSoft, Inc.  (signed and verified)

Description:
Setup/Uninstall

Version:
51.1052.0.0

MD5:
7ab8825b99f80c5ee53d5ccdc9eff6ac

SHA-1:
486cf8a6b3c30dc3a76c3a8567d66bcbe974465d

SHA-256:
3834eece4563371742a40c10ef2c93991a5436f0049d98062f7c808ee67dbfc5

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
8/5/2025 1:06:09 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.URSoft.Installer
16.11.28.22

Trend Micro House Call
HV_ZYX_CA2230FD.TOMC
7.2.361

File size:
1.5 MB (1,596,712 bytes)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\diendanbaclieu.net_yusetup7.5.tmp

Digital Signature
Signed by:
URSoft, Inc.

Authority:
COMODO CA Limited

Valid from:
3/6/2012 7:00:00 AM

Valid to:
3/7/2015 6:59:59 AM

Subject:
CN="URSoft, Inc.", O="URSoft, Inc.", STREET=7241 W. Addison, L=Chicago, S=IL, PostalCode=60634, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2D52C7CF5E69A633AC3AED0E78F988DC

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to li105-80.members.linode.com  (72.14.190.80:80)

TCP (HTTP):
Connects to mail.ursoftware.com  (173.255.198.229:80)

Remove diendanbaclieu.net_yusetup7.5.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.