» Setup.exe
Overview
Analysis
File Details

Setup.exe

InstallShield

InstallShield Software Corporation

The program is a setup application that uses the InstallShield Setup installer.

File name:

Setup.exe

Publisher:

InstallShield Software Corporation (signed and verified)

Product:

InstallShield (R)

Description:

Setup.exe

Version:

10.01.238

MD5:

2aca0fa304af1592949132c6d4df0245

SHA-1:

17caf776974db70b64091115f186f45b67260230

Scanner detections:

25 / 68

Status:

Clean (25 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/24/2024 10:13:16 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Win32/Slugin

2013.01.04

Avira AntiVirus

W32/Slugin.A

7.11.55.184

avast!

Win32:Patched-HO [Trj]

2014.9-160211

AVG

Win32/Slugin.A

2017.0.2837

Clam AntiVirus

Trojan.Spy-59563

0.98/18155

Comodo Security

TrojWare.Win32.Patched.P

14784

Dr.Web

Win32.Wplugin.1

9.0.1.042

ESET NOD32

Win32/Slugin

10.7858

Fortinet FortiGate

W32/Wplug.A

2/11/2016

F-Prot

W32/Slugin.B

v6.4.6.5.141

IKARUS anti.virus

Trojan.Win32.Patched

t3scan.1.1.122.0

K7 AntiVirus

Trojan

13.156.8070

Kaspersky

Trojan.Win32.Patched

14.0.0.678

McAfee

W32/Wplugin

5600.6493

Microsoft Security Essentials

Virus:Win32/Slugin.A

1.163.1557.0

NANO AntiVirus

Trojan.Win32.Wplugin.edowv

0.22.6.49175

Norman

W32/Slugin.A

11.20160211

Panda Antivirus

W32/Wplugin.A

16.02.11.09

Rising Antivirus

Win32.Agent.ik

23.00.65.16209

Sophos

W32/Slugin-A

4.84

Total Defense

Win32/Slugin.A

37.0.10237

Trend Micro House Call

PE_WPLUG.A

7.2.42

ViRobot

Win32.Patched.N

2011.4.7.4223

File size:

114.5 KB (117,200 bytes)

Product version:

10.01

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Installer:

InstallShield Setup

Language:

English (United States)

Common path:

C:\Program Files\idt\intelxpv_v103\setup.exe

Digital Signature

Signed by:

InstallShield Software Corporation

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

2/16/2004 8:24:50 PM

Valid to:

2/11/2005 2:05:03 AM

Subject:

CN=InstallShield Software Corporation, OU=Research and Development, O=InstallShield Software Corporation, L=Schaumburg, S=Illinois, C=US

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

1F9AE0

File PE Metadata

Compilation timestamp:

7/16/2004 8:22:51 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:21mgpDN0X/gzu+CkgQa5iydLZkN6dEJec6oMc2bpvJLtUnu:2NpDN0X/gzu+CkTa5iy7kR9CbB

Entry address:

0xC816

Entry point:

55, 8B, EC, 83, EC, 44, 56, FF, 15, 50, 21, 41, 00, 8B, F0, 85, F6, 75, 08, 6A, FF, FF, 15, 4C, 21, 41, 00, 8A, 06, 57, 8B, 3D, 80, 22, 41, 00, 3C, 22, 75, 1B, 56, FF, D7, 8B, F0, 8A, 06, 3C, 22, 74, 04, 84, C0, 75, F1, 80, 3E, 22, 75, 15, 56, FF, D7, 8B, F0, EB, 0E, 3C, 20, 7E, 0A, 56, FF, D7, 8B, F0, 80, 3E, 20, 7F, F6, 8A, 06, 84, C0, 74, 04, 3C, 20, 7E, E1, 83, 65, E8, 00, 8D, 45, BC, 50, FF, 15, 48, 21, 41, 00, F6, 45, E8, 01, 5F, 74, 06, 0F, B7, 45, EC, EB, 03, 6A, 0A, 58, 50, 56, 6A, 00, 6A, 00, FF... 
[+]

Entropy:

6.2959

Packer / compiler:

InstallShield Custom

Code size:

65 KB (66,560 bytes)

Scan Setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.