» Setup.exe
Overview
Analysis
File Details
Behaviors (1)

Setup.exe

JMicron Setup Application

JMicron Technology Corp.

The executable Setup.exe, “Setup Application” has been detected as malware by 14 anti-virus scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program JMicron Ethernet Adapter NDIS Driver by JMicron Technology Corp..

File name:

Setup.exe

Publisher:

JMicron Technology Corp. (signed and verified)

Product:

JMicron Setup Application

Description:

Setup Application

Version:

1, 1, 0, 20

MD5:

67609e885b40599f6a6a626a0de4eb9e

SHA-1:

38b3eff00c1a5ba47b619ca15a836b768329a319

SHA-256:

05e7a41cac9524c0465fca408f1095db9c50fcec842bc818fb6751043e6b9a4d

Scanner detections:

14 / 68

Status:

Malware

Analysis date:

4/25/2024 12:49:13 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.SlugIn.A

5691347

avast!

Win32:Patched-JI

160111-0

AVG

Win32/Slugin.A

2015.0.4489

Clam AntiVirus

Trojan.Spy-59563

0.98/21257

Dr.Web

Win32.Wplugin.1

9.0.1.05190

Emsisoft Anti-Malware

Win32.SlugIn

10.0.0.5366

ESET NOD32

Win32/Agent.NAG virus

7.0.302.0

F-Prot

W32/Slugin.B

4.6.5.141

Kaspersky

Virus.Win32.Slugin

15.0.0.562

McAfee

Virus.W32/Wplugin

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.213.2742.0

Norman

Win32.SlugIn.A

11.01.2016 17:30:26

Sophos

Virus 'W32/Slugin-A'

5.22

VIPRE Antivirus

Threat.4314870

46446

File size:

1.2 MB (1,281,083 bytes)

Product version:

1, 1, 0, 20

Trademarks:

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\jmicron\jme_dir\setup.exe

Digital Signature

Signed by:

JMicron Technology Corp.

Authority:

VeriSign, Inc.

Valid from:

7/20/2010 7:00:00 AM

Valid to:

7/26/2012 6:59:59 AM

Subject:

CN=JMicron Technology Corp., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=JMicron Technology Corp., L=Hsinchu, S=Taiwan, C=TW

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

57F5B9788EE6D73B698B7167E08F4C3D

File PE Metadata

Compilation timestamp:

1/5/2010 6:41:38 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

12288:4uE+I0hJh74IhMO62IvQzHjwQX2kK5toY13WqrrdBzhy6zYnhS4zkE:y0B4Ihg2Ivgj9X2kK5tx3We7hy1nhnkE

Entry address:

0x16C0B

Entry point:

60, E8, 00, 00, 00, 00, 5B, 81, EB, D0, 48, 00, 10, 83, EC, 74, 8B, EC, 8B, 83, AB, 4B, 00, 10, 89, 45, 00, 8B, 83, B3, 4B, 00, 10, 03, 45, 00, 89, 45, 2C, 8B, 83, B7, 4B, 00, 10, 03, 45, 00, 89, 45, 30, C7, 45, 14, 00, 00, 00, 00, C7, 45, 18, 00, 00, 00, 00, C7, 45, 1C, 00, 00, 00, 00, 8B, 45, 14, FF, 45, 14, 66, 33, C9, 8A, 8C, 03, FF, 4B, 00, 10, 84, C9, 74, 7A, 8B, 45, 1C, 66, 01, 4D, 1C, 03, C3, 05, 13, 4C, 00, 10, 50, 8B, 45, 2C, FF, 10, 85, C0, 0F, 84, 5E, 02, 00, 00, 89, 45, 10, 8B, 45, 1C, 03, C3... 
[+]

Packer / compiler:

ASPack v1.08.04

Code size:

176 KB (180,224 bytes)

Program Uninstaller

Program name:

JMicron Ethernet Adapter NDIS Driver

Display publisher:

JMicron Technology Corp.

Display version:

6.0.32.3

Uninstall string:

"C:\Program Files\JMicron\JME_DIR\setup.exe" delpkg

Remove Setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.