mail-merge.exe

Setup Launcher Utility

Digital Software Development SRL

This is a self-extracting archive and installer. The file has been observed being downloaded from www.outlook-apps.com.

Publisher:
DS Development  (signed by Digital Software Development SRL)

Product:
Setup Launcher Utility

Version:
1.0.0.1

MD5:
5cd502647f136b2bab846717d9670cfa

SHA-1:
109370b22fff6a4f9d9d0d8c6a1445a8a653ab79

SHA-256:
12c4e5dfb7dd22e71ed33a9dabc709c3f39a33ddb4af0dead7b5ee9a979e0f23

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/19/2024 1:10:45 AM UTC  (today)

Scan engine:
IKARUS anti.virus

Detection:
Trojan.Win32.Bayrob

Engine version:
t3scan.1.9.5.0

File size:
11.3 MB (11,806,584 bytes)

Product version:
1.0.0.1

Copyright:
(c) DS Development. All rights reserved.

Original file name:
SetupLauncher.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\mail-merge.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
5/29/2013 4:41:19 AM

Valid to:
5/29/2014 3:55:22 AM

Subject:
CN=Digital Software Development SRL, O=Digital Software Development SRL, L=Bucharest, S=Bucharest, C=RO

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B5BB2878BB314

File PE Metadata
Compilation timestamp:
1/14/2014 9:58:17 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:uGwDqwaRZR8okObyzfKJnnHhCaBfNBTt9DUjocgtQ+yjjldqMv4lJcgSI1s9ThuJ:Qq//5eonnBCaB1L9gpg9yB4lJsosB3gN

Entry address:
0x22ABB

Entry point:
E8, B4, 4F, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, FF, 15, BC, 31, 43, 00, 6A, 01, A3, 2C, 4B, 44, 00, E8, 01, 55, 00, 00, FF, 75, 08, E8, 96, 54, 00, 00, 83, 3D, 2C, 4B, 44, 00, 00, 59, 59, 75, 08, 6A, 01, E8, E7, 54, 00, 00, 59, 68, 09, 04, 00, C0, E8, 64, 54, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 5E, DA, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 10, 49, 44, 00, 89, 0D, 0C, 49, 44, 00, 89, 15, 08, 49, 44, 00, 89, 1D, 04, 49, 44, 00, 89, 35, 00, 49, 44, 00, 89, 3D, FC...
 
Entropy:
7.9919  (probably packed)

Code size:
199.5 KB (204,288 bytes)

The file mail-merge.exe has been seen being distributed by the following URL.
