» setup.exe
Overview
Analysis
File Details
Behaviors (1)

setup.exe

Tarma Installer

Tarma Software Research Pty Ltd

The executable setup.exe has been detected as malware by 3 anti-virus scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Autodesk DWF Viewer by Autodesk, Inc..

File name:

setup.exe

Publisher:

Tarma Software Research (signed by Tarma Software Research Pty Ltd)

Product:

Tarma Installer

Description:

TIN Setup Pro

Version:

2004.12.22.1305

MD5:

31d1cff57a9894bbe996d791ee58b0ac

SHA-1:

47a00614354aaf1ed620d8704503cd0b9feaca53

SHA-256:

ccd7fc8cf02b367983833810be71502737e30b9101a9f1b8b80cecaf3359fa2f

Scanner detections:

3 / 68

Status:

Malware

Analysis date:

4/24/2024 4:09:27 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Floxif.H virus

6.3.12010.0

F-Prot

W32/Floxif.B

4.6.5.141

F-Secure

Win32.Floxif.A

5.16.24

File size:

151.2 KB (154,847 bytes)

Product version:

2.92.1818

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\autodesk\autodesk dwf viewer\setup.exe

Digital Signature

Signed by:

Tarma Software Research Pty Ltd

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

6/6/2004 9:42:23 PM

Valid to:

7/8/2005 10:47:01 PM

Subject:

CN=Tarma Software Research Pty Ltd, OU=Secure Application Development, O=Tarma Software Research Pty Ltd, L=Carlton, S=Victoria, C=AU

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

3E4B67

File PE Metadata

Compilation timestamp:

12/21/2004 6:01:08 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

Entry address:

0x27D70

Entry point:

E9, 18, E4, FF, FF, 00, 8D, BE, 00, 80, FE, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75... 
[+]

Entropy:

7.7952

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

60 KB (61,440 bytes)

Program Uninstaller

Program name:

Autodesk DWF Viewer

Display publisher:

Autodesk, Inc.

Display version:

5.1

Uninstall string:

C:\PROGRA~2\Autodesk\AUTODE~1\Setup.exe /remove

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.