home

PSafeTotalSetup.exe

Instalador PSafe Total

PSafe Tecnologia S.A.

This is a self-extracting archive and installer. The file has been seen being downloaded from instalar.psafe.com and multiple other hosts.
Publisher:
PSafe  (signed by PSafe Tecnologia S.A.)

Product:
Instalador PSafe Total

Version:
4.0.0.3086

MD5:
3de586ad7f3c2b34e9e4cb8185ffe4c0

SHA-1:
2a5a7beed03ff4027a5676495a5681c942ee19bc

SHA-256:
b462fce86537a423afa033efd59dfababefabb198b367b525b2ae1f4ae6784e8

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 10:15:15 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan.Generic.11497044
t3scan.1.7.5.0

Trend Micro House Call
Suspicious_GEN.F47V0821
7.2.238

File size:
30.1 MB (31,591,624 bytes)

Product version:
4.0.0.3086

Copyright:
Copyright (C) 2014

Original file name:
PSafeTotalSetup.exe

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\users\{user}\downloads\psafetotalsetup.exe

Digital Signature
Signed by:
PSafe Tecnologia S.A.

Authority:
DigiCert Inc

Valid from:
1/20/2013 10:00:00 PM

Valid to:
1/26/2015 10:00:00 AM

Subject:
CN=PSafe Tecnologia S.A., O=PSafe Tecnologia S.A., L=Rio de Janeiro, S=Rio de Janeiro, C=BR

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07F79AA9335B794D70779F719061AFF2

File PE Metadata
Compilation timestamp:
8/20/2014 12:15:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:eJlMhvXlcG7YnalFbsMs342L6RN7uXDOTPxhsyCI6yM68fvHPltFbz/fiMMsMzjI:eoxs149iiwyCIz7Iv/F/niMnMIGVy

Entry address:
0x5F903

Entry point:
E8, CB, 94, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 83, 65, E0, 00, 57, 6A, 07, 59, 33, C0, 8D, 7D, E4, F3, AB, 5F, 85, F6, 75, 15, E8, 2D, 02, 00, 00, C7, 00, 16, 00, 00, 00, E8, 1C, 46, 00, 00, 83, C8, FF, C9, C3, 39, 45, 0C, 74, E6, 56, E8, 25, 95, 00, 00, 59, C7, 45, EC, 49, 00, 00, 00, 89, 75, E8, 89, 75, E0, 3D, FF, FF, FF, 3F, 76, 09, C7, 45, E4, FF, FF, FF, 7F, EB, 05, 03, C0, 89, 45, E4, FF, 75, 14, 8D, 45, E0, FF, 75, 10, FF, 75, 0C, 50, FF, 55, 08, 83, C4, 10, C9, C3, 8B, FF...
 
[+]

Code size:
614.5 KB (629,248 bytes)

The file PSafeTotalSetup.exe has been seen being distributed by the following 3 URLs.

http://instalar.psafe.com/total/.../PSafeTotalSetup_407.exe

http://instalar.psafe.com/total/.../PSafeTotalSetup_404.exe

http://instalar.psafe.com/total/.../PSafeTotalSetup_405.exe

Scan PSafeTotalSetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.