home

setup.exe

Norton Security Scan

Symantec Corporation

This is a setup and installation application. This is installed with Norton Security Scan. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Symantec Corp.  (signed by Symantec Corporation)

Product:
Norton Security Scan

Version:
2.0.0.1

MD5:
2616de336678004f684ddbc41d131df0

SHA-1:
15fee1206d7c60bf6bf399b4a4e8e9ce6435fa82

SHA-256:
33ff8e602d8b224db713c0bd30422b22ff1abc340a65c094d873671f813a6021

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 2:47:16 AM UTC  (today)

File size:
310.6 KB (318,088 bytes)

Product version:
2.0.0.1

Copyright:
(c) Symantec Corp. All rights reserved.

Original file name:
NSSSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
Symantec Corporation

Authority:
VeriSign, Inc.

Valid from:
10/31/2007 12:00:00 AM

Valid to:
11/24/2010 11:59:59 PM

Subject:
CN=Symantec Corporation, OU=Symantec Research Labs, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Symantec Corporation, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
758F5EE8263B6694719D8434EB998608

File PE Metadata
Compilation timestamp:
7/22/2007 3:33:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:wjLOjTZIVuJCRZBk8JQ0XbMpb83JjZEYigl0rZOWyyuC0VxA74SOZA:mLO+MJCZbGeJDGZOWyyuC0Vx04ty

Entry address:
0x11DE6

Entry point:
55, 8B, EC, 6A, FF, 68, E0, 49, 41, 00, 68, E0, 1D, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 28, 41, 41, 00, 59, 83, 0D, 64, 97, 41, 00, FF, 83, 0D, 68, 97, 41, 00, FF, FF, 15, 2C, 41, 41, 00, 8B, 0D, 40, 93, 41, 00, 89, 08, FF, 15, 30, 41, 41, 00, 8B, 0D, 3C, 93, 41, 00, 89, 08, A1, 34, 41, 41, 00, 8B, 00, A3, 60, 97, 41, 00, E8, 1C, 01, 00, 00, 39, 1D, 90, 91, 41, 00, 75, 0C, 68, 6E, 1F, 41, 00, FF, 15, 38, 41...
 
[+]

Entropy:
7.6733

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
73 KB (74,752 bytes)

The file setup.exe has been discovered within the following program.

Norton Security Scan  by Symantec Corporation
Norton Security Scan is a software tool designed to help you understand if your computer is currently protected from known threats.
www.symantec.com/techsupp
53% remove it
 
Powered by Should I Remove It?

The file setup.exe has been seen being distributed by the following 15 URLs.

http://gsf-cf.softonic.com/15f/ee1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=66088&instance=softonic_es&type=PROGRAM&Expires=1426787108&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=awIPe6qcGZQOWdHrVQYLBumIRQcZEdYrDVDYr1DyC44X7ar5UnZQBbE-cJmmV1Z4EHOY9Y4u5~pZCRhOw~PlXqMsdyT3~tWAhz4lz-HNNUVoKO4M1SyIUBRSKm-fBYkBueze4FcypwdtvuDpKU-AZuCEPW51bItYTsSVpUHunI4_&filename=Setup.exe

http://gsf-cf.softonic.com/15f/ee1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=66088&instance=softonic_es&type=PROGRAM&Expires=1445309501&Signature=FWz6wK9FUtgf4ieb8ZpHepjJrle2GDUQApnqs~sgYIhM0vwf~b1haM8fxKZeC~acqHR654im6QJARTepwv-uEymseaZZiK5KNWAHfjahHevEbjVYnEYDsKrN0nfzcdAw38PLRZsuKW8TPqIBHeJIgz1Pnyczz7Or3iLwIza4HVU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Setup.exe

http://gsf-cf.softonic.com/15f/ee1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=66088&instance=softonic_es&type=PROGRAM&Expires=1429246591&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=V2z992P9gGvp07QTkHdmRmVCI~JJ5EcrU35dT-PULUWhJhSj2oi4XHMZHpUqS75T35cRTz9M~4AZxViM3gA-eLcM3ZMtX4hnO1sSXZaQT1PhbdwVcjp2jPs5i5LQZ6RGBxVXA4Ptr~v4~ZgHLzuDuVhFruk5qWGfUS73KrIIqao_&filename=Setup.exe

http://gsf-cf.softonic.com/15f/ee1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=66088&instance=softonic_es&type=PROGRAM&Expires=1442036266&Signature=PbRIQ2~fP0tA1OH9qangvVuQ4xfNbWYuS1qquk8PUIjL2t5hKXsvRessXx-Uk3LYHaUcIjfaKx7r4paFNOiq3RhOkolMeUzQ80TXBiRSROxT0Q3mvcuMo-39dtOZgnpyOBKqETuM55J0PYv3XTmOMEfEVMfFKUDFHAOOP-O2AjU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Setup.exe

http://gsf-cf.softonic.com/15f/ee1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=66088&instance=softonic_es&type=PROGRAM&Expires=1446383069&Signature=P6PFJPJlXtitWKizmhvoZY~kt~yx4Il3OKk4traWZgnXOGUxxC9X~lIhjHpZ7jmbcZsrLoV87i2RLXxWZhikkutTGgbqwyTj~CXqqS~VkevQR3ylxMpLjvYIXH8DnRmX8FQdj~TY7N0DcKbn0U9V2JmwExy9S2IL7EyQ4FB2RiY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Setup.exe

http://gsf-cf.softonic.com/15f/ee1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=66088&instance=softonic_es&type=PROGRAM&Expires=1450082738&Signature=U1jXrqBQ~pzbsOobLJjtWvql1JvvrpXYaUJoRggza4gPW7Zh2ksPHC7JzqorgySJFt-kS9nO9Sf7CoTkn0GZp61~VOZ8W9Uxk3nbBbZ8wM9YeANvNbtmOGJ2SaLxRHqAKxhXeQ2AOE2NgIxugHu3jCs-ulqeuAKpHOaJlP-vXdE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Setup.exe

http://media.fotoprix.com/FotoLibro/.../setup.exe

http://gsf-cf.softonic.com/15f/ee1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=66088&instance=softonic_es&type=PROGRAM&Expires=1448205525&Signature=AIqGhnrbTWsCGnbB-GHWUCuISNn6xPLnwXRedzYFQg8MPvRCnYtCc3tsfxcWOA9zGkHlGfgJcPc38156bq6y0c-V8vsQptLZhe3sPL-g2Ym5g70HsXyX~1EMv5R7qX2JlB5rM~OzZpWUoTA8Z8l~jNU2jpA8jEwUvW2gSCkMn-Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Setup.exe

http://www.vlcplayerdownload.com/download/.../setup.exe

http://liveupdate.symantecliveupdate.com/upgrade/NSS/SymCCIS/Production/NPI/.../Setup.exe

https://mvblga.tuk.livefilestore.com/.../Setup.exe

http://security.symantec.com/.../DownloadInstructions.asp?writelog=1&

http://security.symantec.com/.../Setup.exe

https://security.symantec.com/.../Setup.exe

https://security.symantec.com/.../DownloadInstructions.asp?writelog=1&

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.