home

setup.exe

Pelle Orinius

This is a setup and installation application. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts.
Publisher:
Pelle Orinius  (signed and verified)

MD5:
5ee665b1b1de8e487d7df907dbcbc52a

SHA-1:
0f0450a84e901dc53c868b18145e647081ed3a8b

SHA-256:
50371a3f0b7467b3b29e376055087e1f69bca2e957c6ca24c8906710eb43b3af

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/3/2025 11:55:17 PM UTC  (a few moments ago)

File size:
7.2 MB (7,567,160 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
Pelle Orinius

Authority:
CryptGuard Certification Authority

Valid from:
8/18/2006 8:01:49 PM

Valid to:
8/17/2011 8:01:49 PM

Subject:
CN=smorgasbordet.com, O=Pelle Orinius, E=pelle@smorgasbordet.com, L=Stockholm, C=SE

Issuer:
CN=CryptGuard Signing Root CA, O=CryptGuard Certification Authority, OU=cryptguard.com, OU=CPS Incorporated by Reference, E=signrootca@cryptguard.com, dnQualifier=6ee029803b5e11da9e150002a5d5c51b, L=Regina, S=Saskatchewan, C=CA

Serial number:
44E60E98

File PE Metadata
Compilation timestamp:
8/20/2006 3:58:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
196608:IOkWYgipyOXtpR2PZlowBul8kF8P9ugn7h:59YjJR2PX/Bul8uw9Bn7h

Entry address:
0x5A50

Entry point:
55, 89, E5, 81, EC, 88, 06, 00, 00, 53, 56, 57, FF, 15, 20, B7, 40, 00, 05, E8, 03, 00, 00, 89, 85, DC, FE, FF, FF, 83, A5, E4, FE, FF, FF, 00, 83, A5, E0, FE, FF, FF, 00, 83, 65, F0, 00, 83, 65, F4, 00, 83, 65, EC, 00, 83, 65, F8, 00, 6A, 00, FF, 15, 24, B7, 40, 00, A3, F0, FC, 40, 00, A1, F0, FC, 40, 00, 89, 85, D4, FE, FF, FF, 8B, 50, 3C, 01, D0, 89, 85, D0, FE, FF, FF, 83, B8, 9C, 00, 00, 00, 00, 0F, 95, D0, 83, E0, 01, 89, 85, E4, FE, FF, FF, FF, 15, E4, B8, 40, 00, FF, 15, 28, B7, 40, 00, 89, C3, 80...
 
[+]

Code size:
34.5 KB (35,328 bytes)

The file setup.exe has been seen being distributed by the following 4 URLs.

http://lb.cdn.m6web.fr/d/c/a/679e9ad6231b82b16e05b644c98f619d/582ebad0/longtail/0082/.../setup.exe

http://d110.cdn.m6web.fr/longtail/0082/.../setup.exe

http://lb.cdn.m6web.fr/d/c/a/2257f498c5887b44a0f1e8d4bef1bd6a/53fa2e30/longtail/0082/.../setup.exe

http://lb.cdn.m6web.fr/d/c/a/09ec8c7dc5f3d956789b07911262de5b/53f8ae3b/longtail/0082/.../setup.exe

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.