» Setup.exe
Overview
Analysis
File Details
Downloads (1)

Setup.exe

The file Setup.exe has been detected as malware by 14 anti-virus scanners. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from www.packagecentralvault.com.

File name:

Setup.exe

MD5:

ecd2dd729353c6dfdcd23dbbd662aca3

SHA-1:

41538cabb026b4a6d248ddf5621144d5f5239545

SHA-256:

2dca4a2ca9ea4318e765b8c8c2071dad1c552e586af998825c6df0fb9848d543

Scanner detections:

14 / 68

Status:

Malware

Analysis date:

4/29/2024 4:40:46 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Razy.10807

366

AegisLab AV Signature

Troj.W32.Gen

2.1.4+

Avira AntiVirus

TR/Dropper.Gen

8.3.2.4

Arcabit

Trojan.Razy.D2A37

1.0.0.653

avast!

Win32:Malware-gen

2014.9-160203

Bitdefender

Gen:Variant.Razy.10807

1.0.20.170

Emsisoft Anti-Malware

Gen:Variant.Razy.10807

8.16.02.03.11

F-Secure

Gen:Variant.Razy.10807

11.2016-03-02_4

G Data

Gen:Variant.Razy.10807

16.2.25

McAfee

Artemis!ECD2DD729353

5600.6500

MicroWorld eScan

Gen:Variant.Razy.10807

17.0.0.102

Panda Antivirus

Trj/Genetic.gen

16.02.03.11

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1120

Rising Antivirus

PE:Malware.XPACK-HIE/Heur!1.9C48 [F]

23.00.65.16201

File size:

184 KB (188,416 bytes)

Common path:

C:\users\{user}\downloads\setup.exe

File PE Metadata

Compilation timestamp:

1/27/2016 9:12:58 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:uwNQxmh+3pr8JyOwrQ2RJRxhG6K+2qOpAASv8JqVNY0vpwLxA9ESQbs8Q0:u1mhNcQ2zMJ+2qOpAASv8v48vbsM

Entry address:

0x215C7

Entry point:

E8, 73, 1F, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, 84, 1A, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, E8, D7, 42, 00, 74, 12, 8B, 0D, A0, D5, 42, 00, 85, 48, 70, 75, 07, E8, A2, 29, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, A8, D4, 42, 00, 74, 16, 8B, 46, 08, 8B, 0D, A0, D5, 42, 00, 85, 48, 70, 75, 08, E8, FF, 21, 00, 00, 89, 46, 04, 8B, 46, 08, F6, 40, 70, 02, 75, 14, 83, 48, 70, 02, C6, 46, 0C, 01, EB, 0A... 
[+]

Entropy:

7.5901

Code size:

160.5 KB (164,352 bytes)

The file Setup.exe has been seen being distributed by the following URL.

http://www.packagecentralvault.com/.../installer.exe

Remove Setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.