» setup.exe
Overview
Analysis
File Details
Programs (1)
Downloads (7)

setup.exe

The program is a setup application that uses the Microsoft Setup installer. The file has been seen being downloaded from eternal-wow-launcher.software.informer.com and multiple other hosts.

File name:

setup.exe

Description:

Setup

Version:

10.0.30319.1 built by: RTMRel

MD5:

972970f74aa4b0b6edacf4e7d89816cc

SHA-1:

0caef7bdf5372f4726da27f0c303367a2376d397

SHA-256:

e8d464bb16b690c9e21af29e35faf60f432fe5dd4509acce5bc8084b000349b1

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 1:37:29 AM UTC (today)

File size:

418.5 KB (428,544 bytes)

Product version:

10.0.30319.1

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Installer:

Microsoft Setup

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

File PE Metadata

Compilation timestamp:

3/18/2010 12:21:36 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:cqIpd/w8ylWKxavR+dJ1oMBClrbMAo+nhmuFfvY0SHZvuD3QSojDuUlXmeO:c7IRWDvFa+nhmuF3Y0scJeDuUlXr

Entry address:

0x2E541

Entry point:

E8, 9E, 4E, 00, 00, E9, 84, FE, FF, FF, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 5D, E9, 43, 15, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 8B, 45, 08, 66, 8B, 55, 0C, EB, 08, 66, 3B, CA, 74, 12, 83, C0, 02, 0F, B7, 08, 66, 85, C9, 75, F0, 66, 39, 10, 74, 02, 33, C0, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A0, 01, 00, 00, 81, F9, 80, 00, 00, 00, 72, 1C, 83, 3D, 68, 2F, 45, 00, 00, 74, 13... 
[+]

Entropy:

6.2437

Code size:

314.5 KB (322,048 bytes)

The file setup.exe has been discovered within the following program.

World of Warcraft by Blizzard Entertainment

World of Warcraft is the fourth released game set in the fantasy Warcraft universe.

us.blizzard.com/support

8% remove it

The file setup.exe has been seen being distributed by the following 7 URLs.

http://eternal-wow-launcher.software.informer.com/.../

http://www.eternal-wow.com/.../setup.exe

http://www.fraps.com/.../setup.exe

https://eternal-wow.com/.../setup.exe

https://secure.oinstaller9.com/o/.../Setup.exe

http://secure.oinstaller.com/o/.../Setup.exe

http://eternal-wow.com/.../setup.exe

Scan setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.