home

outlook-bells.exe

Setup Launcher Utility

Digital Software Development SRL

This is a self-extracting archive and installer. The file has been seen being downloaded from www.outlook-apps.com.
Publisher:
DS Development  (signed by Digital Software Development SRL)

Product:
Setup Launcher Utility

Version:
1.0.0.1

MD5:
6b2a9c3f1b5bf592a24e944c0afd1510

SHA-1:
b33758c2c59ccea0b89c79d2c7707d8be1331f3b

SHA-256:
994fae7c7b06a7148a131aab72f47027b98020f9071e468e8b4ad0bd7a1a5b16

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 4:17:38 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
Win32/Trojan.97a
1.0.0.1077

File size:
13.5 MB (14,126,936 bytes)

Product version:
1.0.0.1

Copyright:
(c) DS Development. All rights reserved.

Original file name:
SetupLauncher.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\outlook-bells.exe

Digital Signature
Signed by:
Digital Software Development SRL

Authority:
GoDaddy.com, Inc.

Valid from:
12/12/2014 8:42:39 AM

Valid to:
12/12/2015 8:42:39 AM

Subject:
CN=Digital Software Development SRL, O=Digital Software Development SRL, L=Bucharest, C=RO

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
048F779D1FB182

File PE Metadata
Compilation timestamp:
12/3/2015 11:44:27 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
196608:HYCc7UldX/c4z25erIsbhO1z4pB7ifhwzMsOqj1GWawiEPewSg5N1+k19:HjcvZs9+p2MsRexQewSgTB

Entry address:
0x22543

Entry point:
E8, 53, 05, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, 6A, 00, FF, 15, AC, 61, 43, 00, FF, 75, 08, FF, 15, B0, 61, 43, 00, 68, 09, 04, 00, C0, FF, 15, 94, 61, 43, 00, 50, FF, 15, A8, 61, 43, 00, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 45, FE, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, E0, 7D, 44, 00, 89, 0D, DC, 7D, 44, 00, 89, 15, D8, 7D, 44, 00, 89, 1D, D4, 7D, 44, 00, 89, 35, D0, 7D, 44, 00, 89, 3D, CC, 7D, 44, 00, 66, 8C, 15, F8, 7D, 44, 00, 66, 8C, 0D, EC, 7D, 44, 00, 66, 8C, 1D, C8...
 
[+]

Entropy:
7.9403  (probably packed)

Code size:
212 KB (217,088 bytes)

The file outlook-bells.exe has been seen being distributed by the following URL.

https://www.outlook-apps.com/.../outlook-bells.exe

Scan outlook-bells.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.