» setup.exe
Overview
Analysis
File Details
Behaviors (1)

setup.exe

SiS VGA Installer

SILICON INTEGRATED SYSTEMS CORP.

The executable setup.exe, “SiS VGA Installer” has been detected as malware by 5 anti-virus scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program SiS VGA Utilities by Silicon Integrated Systems Corporation.

File name:

setup.exe

Publisher:

Silicon Integrated Systems Corporation (signed by SILICON INTEGRATED SYSTEMS CORP.)

Product:

SiS (R) VGA Installer

Description:

SiS VGA Installer

Version:

7, 14, 10, 5264

MD5:

d2b25e8e3ca7259a60d3c241d9d2e207

SHA-1:

0b01fb11d235ef354fd3fa482e407a7c84069cbb

SHA-256:

003b22429443d04d713935b1a468d083572b58c03fb643c32a6c9095391b7142

Scanner detections:

5 / 68

Status:

Malware

Analysis date:

4/24/2024 4:55:41 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Pioneer-C

160801-0

AVG

Win32/Floxif.A

2013.0.4447

ESET NOD32

Win32/Floxif.H virus

6.3

F-Prot

W32/Floxif.B

4.6.5.141

F-Secure

Win32.Floxif.A

5.15.96

File size:

148.9 KB (152,423 bytes)

Product version:

7, 14, 10, 5264

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\sis vga utilities\setup.exe

Digital Signature

Signed by:

SILICON INTEGRATED SYSTEMS CORP.

Authority:

VeriSign, Inc.

Valid from:

7/14/2009 8:00:00 AM

Valid to:

8/12/2010 7:59:59 AM

Subject:

CN=SILICON INTEGRATED SYSTEMS CORP., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SILICON INTEGRATED SYSTEMS CORP., L=Hsinchu, S=Taiwan, C=TW

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4610B9B49837BC1080D0E6583D2A1238

File PE Metadata

Compilation timestamp:

12/18/2009 10:27:07 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

3072:I+JliuPtamV2lQBV+UdE+rECWp7hKtfhf:HJl3FZBV+UdvrEFp7hKtfhf

Entry address:

0x1F4D

Entry point:

E9, 00, 6F, 00, 00, E9, 16, FE, FF, FF, 8B, 44, 24, 04, A3, 74, 00, 41, 00, C3, 55, 8D, AC, 24, 58, FD, FF, FF, 81, EC, 28, 03, 00, 00, A1, 00, F0, 40, 00, 33, C5, 89, 85, A4, 02, 00, 00, 56, 89, 85, 88, 00, 00, 00, 89, 8D, 84, 00, 00, 00, 89, 95, 80, 00, 00, 00, 89, 5D, 7C, 89, 75, 78, 89, 7D, 74, 66, 8C, 95, A0, 00, 00, 00, 66, 8C, 8D, 94, 00, 00, 00, 66, 8C, 5D, 70, 66, 8C, 45, 6C, 66, 8C, 65, 68, 66, 8C, 6D, 64, 9C, 8F, 85, 98, 00, 00, 00, 8B, B5, AC, 02, 00, 00, 8D, 85, AC, 02, 00, 00, 89, 85, 9C, 00... 
[+]

Entropy:

7.2421

Packer / compiler:

Xtreme-Protector v1.05

Code size:

44 KB (45,056 bytes)

Program Uninstaller

Program name:

SiS VGA Utilities

Display publisher:

Silicon Integrated Systems Corporation

Display version:

5.28.01

Uninstall string:

C:\Program Files\SiS VGA Utilities\Setup.exe -u

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.