» setup.exe
Overview
Analysis
File Details
Programs (1)

setup.exe

RestoreMaster

Chongqing XIA Software Technology, Inc.

File name:

setup.exe

Publisher:

XIASOFT TECH CO.,LTD. (signed by Chongqing XIA Software Technology, Inc.)

Product:

RestoreMaster

Description:

RestoreMaster installation

Version:

3,3,0,1003

MD5:

c60c3e4ea1cbb847d2f1c960fdaeb8c1

SHA-1:

0780aeca2475ef0b8710dc9f4182de1b6d085b94

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 11:16:14 PM UTC (a few moments ago)

File size:

496.9 KB (508,872 bytes)

Product version:

3,3,0,1003

Original file name:

InstallFastRescovery.EXE

File type:

Executable application (Win32 EXE)

Language:

Chinese (PRC)

Common path:

C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\setup.exe

Digital Signature

Signed by:

Chongqing XIA Software Technology, Inc.

Authority:

VeriSign, Inc.

Valid from:

9/10/2013 1:00:00 AM

Valid to:

9/7/2014 12:59:59 AM

Subject:

CN="Chongqing XIA Software Technology, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Chongqing XIA Software Technology, Inc.", L=ChongQing, S="Yubei District, ChongQing", C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

15460F15A5EB1B967F68E0513800E16C

File PE Metadata

Compilation timestamp:

11/1/2013 12:31:01 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:rSSRv7nkvQXziyHTQ1DMnygUAspBWPwzn+3QFo7de6JXJM/kyugn1s:rrRvjkvQXz7zQ1AnygHspBWP2n+3Mo7z

Entry address:

0x211F4

Entry point:

55, 8B, EC, 6A, FF, 68, A0, 4A, 42, 00, 68, CA, 15, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, 5C, 34, 42, 00, 59, 83, 0D, A0, EA, 43, 00, FF, 83, 0D, A4, EA, 43, 00, FF, FF, 15, 60, 34, 42, 00, 8B, 0D, 94, EA, 43, 00, 89, 08, FF, 15, 98, 34, 42, 00, 8B, 0D, 90, EA, 43, 00, 89, 08, A1, 9C, 34, 42, 00, 8B, 00, A3, 9C, EA, 43, 00, E8, 64, 03, 00, 00, 39, 1D, D0, C5, 43, 00, 75, 0C, 68, C6, 15, 42, 00, FF, 15... 
[+]

Entropy:

4.5829

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

136 KB (139,264 bytes)

The file setup.exe has been discovered within the following program.

Sysrestore Pro by XIA Software Technology, Inc.

www.xia008.com

About 1% of users remove it

Scan setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.