home

reflect_setup_free.exe

Installer Stub

Paramount Software UK Ltd

This is a self-extracting archive and installer. The file has been seen being downloaded from majorgeeks.mirror.internode.on.net and multiple other hosts.
Publisher:
Paramount Software UK Ltd  (signed and verified)

Product:
Installer Stub

Version:
5, 1, 5870, 0

MD5:
2795cc8a136474cb3a3467eb4979c302

SHA-1:
6e6b1d02506e74a9fbbe75092212a9cfd7d39da7

SHA-256:
e0db64784bd219bf8902476f9c790da23d82aaf4c1d3d657b97bca396e042082

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:51:10 AM UTC  (today)

File size:
37.3 MB (39,059,576 bytes)

Product version:
5, 1, 5870, 0

Copyright:
(c) Paramount Software UK Ltd. All rights reserved.

Original file name:
InstallStub.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\reflect_setup_free.exe

Digital Signature
Signed by:
Paramount Software UK Ltd

Authority:
GlobalSign nv-sa

Valid from:
11/8/2010 11:36:13 AM

Valid to:
11/8/2013 11:36:10 AM

Subject:
CN=Paramount Software UK Ltd, O=Paramount Software UK Ltd, L=Manchester, S=Greater Manchester, C=GB

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012C2C8AD4A2

File PE Metadata
Compilation timestamp:
4/16/2013 2:14:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
786432:UkLHAXU0DVohzsg6uxLNVewsAy/LazIyficW2GEO+K2eC:UkSUXmg6uFOwnOavfizWotC

Entry address:
0x209B9

Entry point:
E8, FC, 9F, 00, 00, E9, 16, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, C4, 45, 44, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, C4, 45, 44, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 
[+]

Entropy:
7.7952  (probably packed)

Code size:
212 KB (217,088 bytes)

The file reflect_setup_free.exe has been seen being distributed by the following 5 URLs.

http://majorgeeks.mirror.internode.on.net/.../reflect_setup_free.exe

http://www.majorgeeks.com/index.php?ct=files&action=download&

http://software-files-a.cnet.com/s/software/13/09/41/.../reflect_setup_free.exe

http://od.ccm2.net/www.commentcamarche.net/download/.../reflect_setup_free-5.2.6249.exe

http://www.commentcamarche.net/download/.../telecharger-34059007-macrium-reflect

Scan reflect_setup_free.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.