» google earth setup.exe
Overview
Analysis
File Details
Downloads (1)

google earth setup.exe

The application google earth setup.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from google-earth.free-downloads.us.com.

File name:

MD5:

01c3d834ae824c4fd2c19bc18fec9255

SHA-1:

3c5ad0fe5b3d31da1bc8e484070fbe5b1d470b16

SHA-256:

ff5ac0b931a3d813b6cf1c0c929aea823d93a97e508e6f1e8756d1b9725953ab

Scanner detections:

4 / 68

Status:

Potentially unwanted

Analysis date:

4/18/2024 4:29:39 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Detection.Undefined

9.0.1.05190

Emsisoft Anti-Malware

Application.Bundler.Soft32Downloader

16.07.06

ESET NOD32

MSIL/Soft32Downloader.C potentially unwanted application

8.0.319.0

F-Secure

Riskware.Application.Bundler.Soft32Downloader

5.15.96

File size:

452.9 KB (463,777 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\google earth setup.exe

File PE Metadata

Compilation timestamp:

12/5/2009 2:50:52 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:he348ubRGErDDK+lYz8Sz7fYbT8URkMDMjvDAvS3qIl0kPH1RvyO7TY5T4xXZAy/:lwMDD4z8x0bDiuWkPDBfOkAXlgmY

Entry address:

0x30FA

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.8832

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file google earth setup.exe has been seen being distributed by the following URL.

http://google-earth.free-downloads.us.com/get/file/id/.../?lp=adwords&tg=us&kw=Google eart&mt=b&ad=42920666598&pl=&ds=s&gclid=CIzKwtje4b0CFY0-Mgod5mwAcw

Remove google earth setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.