» setup.exe
Overview
Analysis
File Details
Downloads (70)

setup.exe

Mu Israel

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from serv72.f2h.co.il and multiple other hosts.

File name:

setup.exe

Publisher:

Mu Israel

Product:

Mu Israel

Description:

Mu Israel Setup

MD5:

194c3d081176e9f80e63d316d9eacbcb

SHA-1:

30b6c1d5b4741d28706c60514e0be863d191cdf3

SHA-256:

6fa0e46752a4e5886e4f95b578c9089e8ee19b1760ac497d70fee839d7a98358

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/15/2024 3:27:30 AM UTC (today)

File size:

224.4 MB (235,251,702 bytes)

Product version:

1.12

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\setup.exe

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6291456:J7ohK3ivXBTpAl3SVh50MZT5/uw6hm1kt0KCvf:m5vXBlRVh55zuw6s2oH

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

8.0000

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file setup.exe has been seen being distributed by the following 50 URLs.

http://serv72.f2h.co.il/.../jj2kwgeg1ypr|6278703e927135527f920e3073982e83

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|725de8746f094bb4e699c533203ab540|.exe

http://serv72.f2h.co.il/.../jj2kwgeg1ypr|7bf8dbf90ea5dfde617db9bee1644d20

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|2275fb39a648f2c142a7651c613a3e6c|.exe

http://serv72.f2h.co.il/.../jj2kwgeg1ypr|1bf833cb3544f85d40175f833f87478c

http://serv72.f2h.co.il/.../jj2kwgeg1ypr|da274b606d823c2a887a3b5908a7d348|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|a6ee2cc12e39cd2f70fd8f3552504ed3|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|eb7c4bc28aaaebfd9a8f5a3ffa9d82dd|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|4c4d4948e094b2b22695a310b63705cd|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|147f88d0185a7c32c41cc9cb95d6c55a|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|9697347fac419f90633c5e68f4e806bc|.exe

http://serv72.f2h.co.il/.../jj2kwgeg1ypr|48995c1cb90f4b2937e51496584ed0d3|.exe

http://serv72.f2h.co.il/.../jj2kwgeg1ypr|cf2a26fa49e879e2a8b45331c8c3e9ef|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|377c925c0a3b6d95fe41c5958f1b4832|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|69622869c6459922806d08ae75551492|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|d568a5d78663afd3e16a91322a79795b|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|301599f6077db1e0b6e8281597e6f240|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|a3bfa0f66e2738faf097bba918037ede|.exe

http://serv72.f2h.co.il/.../jj2kwgeg1ypr|2f2ef017c89c10ba6b9ed8ff19fdf49f|.exe

http://serv72.f2h.co.il/.../jj2kwgeg1ypr|4124c7fb12f901170169c3844d8ec6d0|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|4576deacae9063fb06017a9620a8d336|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|0bab0e04ace98be04d58666fd3f437b9|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|c98a17e5daa7eb90c6dc0ba1041e1434|.exe

http://serv72.f2h.co.il/.../jj2kwgeg1ypr|78b8a46ae847be2591b1471b98877f8a|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|fcfe874521f482de3968b57770031b07|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|11911a733866fd54d92910bd00dff05b|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|11240caf0fe1c168e5669790b0b7ad3b|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|779834cf0cfa328f7646a105bd14d500|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|b734890b9179d730542f082704c44417|.exe

http://f2h.nana10.co.il/.../jj2kwgeg1ypr|030bc4507d50843f208abb226bfadfff|.exe

Latest 30 of 70 download URLs

Scan setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.