» mbam-setup.exe
Overview
Analysis
File Details
Programs (4)
Downloads (199)

mbam-setup.exe

Malwarebytes Anti-Malware

Malwarebytes Corporation

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

mbam-setup.exe

Publisher:

Malwarebytes Corporation (signed by Malwarebytes Corporation)

Product:

Malwarebytes Anti-Malware

Version:

2.0.1.1004

MD5:

302103af95a8f43ad85f80dae14bdb9c

SHA-1:

9d731ac16d764d804dec83b7483e329a55e72142

SHA-256:

f23f3c971c7aa05f74f4b8499995f2cd3096676071b0ed06e434436739b9c08f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 5:11:34 AM UTC (today)

File size:

16.5 MB (17,305,616 bytes)

Product version:

2.0.1.1004

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\ProgramData\malwarebytes\malwarebytes anti-malware\mbam-setup.exe

Digital Signature

Signed by:

Malwarebytes Corporation

Authority:

VeriSign, Inc.

Valid from:

4/29/2013 6:00:00 PM

Valid to:

6/19/2016 5:59:59 PM

Subject:

CN=Malwarebytes Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Malwarebytes Corporation, L=San Jose, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6F36C4B74B4F8AB001F039D692A75B49

File PE Metadata

Compilation timestamp:

6/19/1992 4:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

393216:HN+vx2iJlHQWOeQTXMkYAHvjdzcxZeutJEWNWmR3V:kvx2xWDWXMkYAHvj96e8EiVR3V

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9999

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file mbam-setup.exe has been discovered within the following programs.

360Amigo System Speedup Free by 360Amigo

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).

www.360amigo.com

53% remove it

Adobe Acrobat XI Pro by Adobe Systems Incorporated

Adobe Acrobat is a set of application software to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.

www.adobe.com

6% remove it

ASUS Wireless Router RT-AC66U Manuals by ASUS

8% remove it

CCleaner by Piriform

CCleaner developed by Piriform, is a utility program used to clean potentially unwanted files and invalid Windows Registry entries from a computer.

www.piriform.com/ccleaner

3% remove it

The file mbam-setup.exe has been seen being distributed by the following 50 URLs.

http://gsf-cf.softonic.com/9d7/31a/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=64733&instance=softonic_jp&type=PROGRAM&Expires=1469273093&Signature=NNHuezYI3KTzlIr8feVzB~U7lvjKh87tvVZ7auI4CYFJ7hAcbCJYH99w6FeeKz7p8xp7Hr46mbaWmx-N6pW5eT~4WIAbCGPEFEUzocmvLFCugjHiL5Ew46chCtKH9CKi4w6d5MKfWz3Mq2ko0lp18liij9sctdNZFRxieGyZOIc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mbam-setup-2-0-1-1004.exe

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=013be379bd0d35075c6c31246da06a9a273ead8ba819ea53fe319e6692494a1c622079f8e76d2fb11522f9fa0d2e0c53443212dfbaf54e65765cc34ef480dc9fc69cf487c94891fcfd2c300af9108261c70a8420ad541968801a30ca1f7f3cffff30bc211f085c9f90ffed795a2cc176a766bb1e1814257b567f38c287f1f523eeca5c7c6a36f2827969c12fcb8027e7bd56049cb85b86&url=0b3da36fa30172185e33336174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e33336174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-mbam-setup-2.0.1.1004.exe

https://www.hightail.com/.../directDownload&fl=SWhZekZoZEs1bmhMWFBkTmlXN1FIVE9yQndFdURvR2pEbVZDbnRBQUVTc1REWU42ZDNkSVRxL0VFSE5RbDh1b1E3L0RZakdNQndJaks1UmFBazMzRTNJL3cwRWhUbFlaMFlDWmNBPT0

http://www.filehippo.com/download/file/.../

http://www.filepuma.com/file/1400040261c5555/malwarebytes_anti_malware_2.0.1/.../0/

http://www.filepuma.com/file/1398773849c5555/malwarebytes_anti_malware_2.0.1/.../0/

http://api2.tenlua.vn/filemanager/builddownload/.../?hash=502be626e60f3e501467722d35f67e982164a990a748fb4dba2d8d62c943484e622079f8e76d2fb11522f9fa0d2e0c53443212dfbaf54e65765cc34ef480dc9fc69cf487c94891fcfd2c300af9108261c70a8420ad541968801a30ca1f7f3cffff30bc211f085c9f90ffed795a2cc176a766bb1e1814257b567f38c287f1f523eeca5c7c6a36f2827969c12fcb8027e7bd56049cb85b86&url=0b3da36fa30172185e33336174fd75853636b390ad53eb4da0&down=0b3da36fa30172185e33336174fd75853636b390ad53fc55a0&jump_type=download&file=sinhvienit.net-mbam-setup-2.0.1.1004.exe

http://fs40.filehippo.com/3991/.../mbam-setup-2.0.1.1004.exe

http://www.filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://lb.cdn.m6web.fr/d/c/a/9993704a222664c3e2f7994e91fcd893/536a68f6/soft/.../malwarebytes-anti-malware_2-0-1-1004_fr_215092.exe

http://www.filehippo.com/download/file/.../

http://dwcdn.html.it/index.php?softname=mbam-setup-2.0.1.1004.exe&code=1397831467&q=NjkyNjR8bWFsd2FyZWJ5dGVzLWFudGktbWFsd2FyZS1mcmVlLTM=

http://lb.cdn.m6web.fr/d/c/a/83f8e207beb146666919a4c0727ebf73/53837d8a/soft/.../malwarebytes-anti-malware_2-0-1-1004_fr_215092.exe

http://www.filepuma.com/file/1398875634c5555/malwarebytes_anti_malware_2.0.1/.../0/

http://lb.cdn.m6web.fr/d/c/a/c91543adab28979c6d60b5db039cbf6f/538b867f/soft/.../malwarebytes-anti-malware_2-0-1-1004_fr_215092.exe

http://www.telecharger-cool.com/?wpfb_dl=35

http://lb.cdn.m6web.fr/d/c/a/bb2efae376fc296cbf8647d01d6372d9/537cfabf/soft/.../malwarebytes-anti-malware_2-0-1-1004_fr_215092.exe

http://lb.cdn.m6web.fr/d/c/a/e77169203533cc24117afd1d23b00f21/53879cf8/soft/.../malwarebytes-anti-malware_2-0-1-1004_fr_215092.exe

http://lb.cdn.m6web.fr/d/c/a/04f778542bd0886ac278e1bc9f3adbc6/5386ebb2/soft/.../malwarebytes-anti-malware_2-0-1-1004_fr_215092.exe

http://mirror.warer.com/windows/apps/malwarebytes-anti-malware/.../malwarebytes-anti-malware.exe

http://lb.cdn.m6web.fr/d/c/a/c0e07871b738dbeb95b38a259f7cc2e6/5368edf7/soft/.../malwarebytes-anti-malware_2-0-1-1004_fr_215092.exe

http://global-shared-files-l3.softonic.com/9d7/31a/.../file?nvb=20140501103159&nva=20140501223259&token=00315008a51c45bc39320&id_file=64733&channel=WEB&instance=softonic_en&type=PROGRAM&fdh=yes&SD_used=0&filename=mbam-setup-2-0-1-1004.exe

http://dwcdn.html.it/index.php?softname=mbam-setup-2.0.1.1004.exe&code=1397386462&q=NjkyNjR8bWFsd2FyZWJ5dGVzLWFudGktbWFsd2FyZS1mcmVlLTM=

http://dw.uptodown.com/dwn/L4QLvDnpS_inbu0kQrYVkuNx5Gh_McnrtGo1HagOkOMEnuYBb9qvJkZ67lz5bbbnWt4Tn9vl6sc-DwG9xzDz3wkQA_OyFPOEecRsLfR9sghdPde8cHDHy3ow6syGMPmh/d0TsVdbnn_mcIC6Jdb8XSBGM8yTLMWueTinaEhMRzklckOoFnFhDGHWrGqQydtLswIYHEt75DItfMudXSeDtXyEWKyJjvIkJVWtqgoWLkY2kw6fngrGR-LsQL6pFjobW/.../

http://gsf-cf.softonic.com/9d7/31a/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=64733&instance=softonic_jp&type=PROGRAM&Expires=1449280450&Signature=dWBKsKl9qNp21QsoHCK0ScCbcedv4KPKzDowY6C~CwAv-Djgg9BaYv8MNGBd8eNFdbOmhBD5uibm7TgeO0WMVsP9D2b1rOTPo1nzCVjzOcJxpFs0NXy1g9j6ce-m7PuaXfUpgUnAguYLML6X2c-zzXlPzwHasom0Zica4fO4P8Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mbam-setup-2-0-1-1004.exe

http://lb.cdn.m6web.fr/d/c/a/a26c9bfef37097ea098a7de5c86b3430/534a8991/soft/.../malwarebytes-anti-malware_2-0-1-1004_fr_215092.exe

http://www.filehippo.com/download/file/.../

https://doc-0g-4s-docs.googleusercontent.com/docs/securesc/e1ptoos4md1rp4k68v73v6s994tkf14e/mms3ujuss1cvu80tuu89edq43dicucro/1437573600000/.../00243423893307471998/0ByP7s53Lp3XlYXZRRDc2RlRYTDg?e=download

http://www.filehippo.com/download/file/.../

Latest 30 of 199 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.