setup.exe

The executable setup.exe has been detected as malware by 9 anti-virus scanners.
MD5: f60e9c9477722db260c0cc7c6ef095e5
SHA-1: 1a982c7a26113e382426e67d35d8f1279d064715
SHA-256: 0c67f30289d7a02f7a9c276d160c677eccbf3a29babc02ffd210a5cf84f904fa
Scanner detections: 9 / 68
Status: Malware
Analysis date: 4/26/2024 10:37:14 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Graftor.230611 | 5881201
Avira AntiVirus | DR/Delphi.Gen | 8.3.1.6
Arcabit | Trojan.Graftor.D384D3 | 1.0.0.425
Bitdefender | Gen:Variant.Graftor.230611 | 1.0.20.1075
Emsisoft Anti-Malware | Gen:Variant.Graftor.230611 | 10.0.0.5366
F-Secure | Gen:Variant.Graftor.230611 | 5.14.151
G Data | Gen:Variant.Graftor.230611 | 15.8.25
MicroWorld eScan | Gen:Variant.Graftor.230611 | 16.0.0.645
Norman | Gen:Variant.Graftor.230611 | 07.07.2015 03:10:29

File size: 964.5 KB (987,648 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

File PE Metadata
Compilation timestamp: 6/19/1992 3:22:17 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25
CTPH (ssdeep): 12288:KyyE7yEhimV2HCUWJ1ZziK5Rj+r+I9294sOxsiBsif96j:dnhXrNJCP64df8j
Entry address: 0xEBAA8

Entry point:
55, 8B, EC, 83, C4, F0, B8, 48, BA, 4E, 00, E8, 5C, 95, F1, FF, E8, 7F, 6C, F1, FF, 83, F8, 77, 0F, 85, D8, 00, 00, 00, E0, 43, 01, 00, 9C, 8B, 20, 00, D6, 88, 20, 00, 84, 22, 0B, 00, B9, C7, 2F, 00, 44, 18, 7D, 00, F4, 85, E3, 04, 64, BC, 2C, 00, 2C, F1, 02, 00, E0, 43, 01, 00, 9C, 8B, 20, 00, D6, 88, 20, 00, 84, 22, 0B, 00, B9, C7, 2F, 00, 44, 18, 7D, 00, F4, 85, E3, 04, 64, BC, 2C, 00, 2C, F1, 02, 00, E0, 43, 01, 00, 9C, 8B, 20, 00, D6, 88, 20, 00, 84, 22, 0B, 00, B9, C7, 2F, 00, 44, 18, 7D, 00, F4, 85...
 

Entropy: 4.4473
Developed / compiled with: Microsoft Visual C++
Code size: 939 KB (961,536 bytes)
