home

setup.exe

Aveva Solutions Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘dotNetInstallerBoot’.
Publisher:
Aveva Solutions Ltd  (signed and verified)

MD5:
a4b01f9aa08a5e427b36b9cbafeade86

SHA-1:
06820ada0794f9d9e1440b1d6e2604e18d2298d4

SHA-256:
2cba7025bb00d36ff8e94e4f0fb45995d3ae5253b72984335daa08e214880ab6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 4:29:53 AM UTC  (today)

File size:
411.8 KB (421,712 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Aveva Solutions Ltd

Authority:
VeriSign, Inc.

Valid from:
10/4/2010 8:00:00 AM

Valid to:
5/24/2013 7:59:59 AM

Subject:
CN=Aveva Solutions Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Aveva Solutions Ltd, L=Cambridge, S=Cambridgeshire, C=GB

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
454DAE9A323903D5E26BC0EEE294F95F

File PE Metadata
Compilation timestamp:
5/19/2009 10:16:03 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x23AFD

Entry point:
E8, CA, 7B, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, F3, 5D, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, A1, 01, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, 7F, 10, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, 1E, 0E, 00, 00, 83, C4, 0C, 39, 7D, 10, 74, B6, 39, 75, 0C, 73, 0E, E8, A4, 5D, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, AD...
 
[+]

Entropy:
6.1879

Code size:
262 KB (268,288 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
dotNetInstallerBoot

Command:
C:\aveva installer\aveva laser\52083 - aveva laser modeller scan gateway 12.0.0\almsg12\setup.exe


Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.