» Setup.exe
Overview
Analysis
File Details
Behaviors (1)

Setup.exe

Tarma Installer

Tarma Software Research Pty Ltd

The executable Setup.exe has been detected as malware by 1 anti-virus scanner. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Digital Music Pad 10157 by E-Soft.

File name:

Setup.exe

Publisher:

Tarma Software Research Pty Ltd (signed and verified)

Product:

Tarma® Installer

Version:

2011.07.14.1033U

MD5:

d3dfc5691f9e25e19995799a17d7c8ac

SHA-1:

1c54d98715ce1ab6fbe1da2cb06f55b39075843c

SHA-256:

5629f83590e4b393617c4ba6faa467582e0fa464f0871437c841039b7e30c382

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

4/26/2024 4:04:12 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Threat.Win.Reputation (M)

16.11.30.10

File size:

223.1 KB (228,496 bytes)

Product version:

5.9.4213

Trademarks:

Tarma® is a registered trademark of Tarma Software Research Pty Ltd

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\ProgramData\tarma installer\{eb654ef5-b7a3-46d8-9019-c1ad943846cf}\setup.exe

Digital Signature

Signed by:

Tarma Software Research Pty Ltd

Authority:

Thawte, Inc.

Valid from:

7/30/2010 2:00:00 AM

Valid to:

8/6/2012 1:59:59 AM

Subject:

CN=Tarma Software Research Pty Ltd, OU=DEVELOPMENT, O=Tarma Software Research Pty Ltd, L=Melbourne, S=Victoria, C=AU

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

4D0216133DF073BA8641E78D2A7F3C33

File PE Metadata

Compilation timestamp:

7/14/2011 4:01:19 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

3072:xmiZs9nH5auTy68+ttSmMxfN94Jc5vBtEOMpNHxIa5QvP9T0cxTOBfzAy6IZweoU:xmiZiZauNJc5vxCRI4wgmTO5cYdR

Entry address:

0x1974A

Entry point:

E8, FA, FC, FF, FF, E9, 4C, FF, FF, FF, 55, 8B, EC, 83, EC, 10, 56, 57, 8B, FA, 85, FF, 74, 03, 83, 27, 00, 8B, 75, 08, 85, F6, 74, 03, 83, 26, 00, 8D, 45, F0, 50, 6A, 00, 68, 00, 10, 00, 00, 6A, 02, 5A, E8, 26, AB, 00, 00, 85, C0, 74, 0B, 85, F6, 74, 02, 89, 06, 83, C8, FF, EB, 4F, 8B, 45, F0, 8B, 48, 10, 81, F9, 74, 69, 7A, 32, 74, 34, 81, F9, 74, 69, 7A, 33, 74, 2C, 66, 81, 38, 4D, 5A, 75, 17, 81, 78, 24, 74, 73, 6C, 35, 75, 0E, 85, FF, 6A, 02, 5E, 74, 18, 8B, 40, 38, 89, 07, EB, 11, 85, F6, 74, 06, C7... 
[+]

Code size:

146 KB (149,504 bytes)

Program Uninstaller

Program name:

Digital Music Pad 10157

Display publisher:

E-Soft

Display version:

10157

Uninstall string:

C:\PROGRA~3\TARMAI~1\{EB654~1\Setup.exe /remove /q0

Remove Setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.