» isafe_setup.exe
Overview
Analysis
File Details
Downloads (2)

isafe_setup.exe

The application isafe_setup.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from www.po114.org and multiple other hosts.

File name:

isafe_setup.exe

MD5:

353435e1a468838202cb5c4ea7162904

SHA-1:

edbeed6e4ea469785fbbf37c6b6b89bfa6d2c9d1

SHA-256:

53c74d1574adfecea8ea1ab3f702fa59bc314929130717b633ed8376ae059b0e

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/17/2024 3:22:54 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Elex.iSafe (M)

16.7.8.9

File size:

8.5 MB (8,898,864 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\isafe_setup.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

196608:al3Ud3EuQpM1+v5Uzr13CuK7Bb0hQa0aStKUybC8+E3+RyAsd:oEdUuOM1+xhb0biKUTHEMsd

The file isafe_setup.exe has been seen being distributed by the following 2 URLs.

http://www.po114.org/.../iSafe_setup.exe

http://www.po114.org/.../isafe_organic_setup.exe

Remove isafe_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.