home

ducsetup.exe

Vitalwerks Internet Solutions

This is a setup and installation application. This is installed with No-IP DUC. The file has been seen being downloaded from download.gg and multiple other hosts.
Publisher:
Vitalwerks Internet Solutions  (signed and verified)

MD5:
7cace1eb9ad97eed85ab9c22a76fa995

SHA-1:
513ceb83bec05d44c1008e58a103e8f631c445e8

SHA-256:
e25781621ab2dc832b427900321091d60802222f4650511539b4f6b132e25b63

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 1:58:53 AM UTC  (today)

File size:
1.1 MB (1,117,296 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\ducsetup.exe

Digital Signature
Signed by:
Vitalwerks Internet Solutions

Authority:
VeriSign, Inc.

Valid from:
5/17/2010 8:00:00 PM

Valid to:
5/18/2011 7:59:59 PM

Subject:
CN=Vitalwerks Internet Solutions, OU=No-IP.com, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Vitalwerks Internet Solutions, L=Reno, S=Nevada, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
54507FB2DFB683B3B3A2EC0EBCA77A53

File PE Metadata
Compilation timestamp:
6/6/2009 5:41:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:8WTCOwVk2Od+oTOQNvZdI+jLJzBLfxCKfxeZnoP:LwVbfQNvZdZjdlLfxVfx8noP

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.9866  (probably packed)

Code size:
23 KB (23,552 bytes)

The file ducsetup.exe has been discovered within the following program.

No-IP DUC  by Vitalwerks Internet Solutions LLC
Publisher's description - “No-IP has been offering the best and most affordable Managed DNS solutions. Our robust Anycast Network with points of presence in 11 different world class facilities across the globe guarantees our 100% Uptime, because let's face it, there are no upsides to downtime.”
www.no-ip.com
About 8% of users remove it
 
Powered by Should I Remove It?

The file ducsetup.exe has been seen being distributed by the following 25 URLs.

https://download.gg/download-6092739-ducsetup-exe

https://mega.nz/temporary/.../CNNzgLTQ

http://fisu-online.mex.tl/dl_16110.html

&onid=2648&oid=3001-2648_4-10055182&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=networking/internet-ops&topicbrcrm=&pid=11457069&mfgid=77301&merid=77301&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=1f94b7028d9ce375f2c1e92d&viewguid=hGZzrKhDWuIzRnN3dpnESqGRSRHvpTayItFa&destUrl=http://files.downloadnow.com/s/software/11/45/70/.../ducsetup.exe

https://d1ob5g40gc5b6g.cloudfront.net/1/401/.../ducsetup.exe

http://ultradownloads.com.br/.../2,1009205.html

http://www.megalab.it/.../2650

http://freedownloadshare.com/.../dl.php?id=Uq7Xvse0&dir=file&name=No-IP_DUC_V3.0.4.exe

&onid=2648&oid=3001-2648_4-10055182&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=networking/internet-ops&topicbrcrm=&pid=11457069&mfgid=77301&merid=77301&ctype=dm&cval=NONE&devicetype=desktop&pguid=1f39ccbba4c08878f497fd57&viewguid=dDZLebEXq@suz2A5T4CbDLCvM5CWm8JADjVT&destUrl=http://files.downloadnow.com/s/software/11/45/70/.../ducsetup.exe

http://no-ip-duc-dynamic-update-client.soft32.com/get/file/id/.../?no_download_manager=true

http://download841.mediafire.com/n18ep9ov8rpg/.../ducsetup.exe

http://files.freetrialdownload.com/1/401/.../ducsetup.exe

http://no-ip-duc-dynamic-update-client.soft32.com/get/file/id/.../

http://no-ip-com-duc.software.informer.com/.../

http://files.downloadnow.com/s/software/11/45/70/.../ducsetup.exe

http://no-ip-duc-dynamic-update-client.soft32.com/get/file/id/.../

http://download1112.mediafire.com/n347rkcqpzog/.../ducsetup.exe

http://software-files-a.cnet.com/s/software/11/45/70/.../ducsetup.exe

http://www.noip.com/.../ducsetup.exe

http://download682.mediafire.com/uoc6k9vrp8vg/.../ducsetup.exe

http://download682.mediafire.com/5397upzcahsg/.../ducsetup.exe

http://no-ip-duc.software.informer.com/.../

https://www.no-ip.com/.../ducsetup.exe

http://download1967.mediafire.com/u5toy6v5exig/.../ducsetup.exe

http://www.no-ip.com/.../ducsetup.exe

Scan ducsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.