home

setup.exe

2K Sports Installer

2K Sports (Take-Two Interactive Software, Inc.)

Publisher:
2K Sports  (signed by 2K Sports (Take-Two Interactive Software, Inc.))

Product:
2K Sports Installer

Version:
1.00

MD5:
67dd9b289c5af91b061ef31cf6c11bd4

SHA-1:
4845fa1c781cd894ac42b4847a0b4d1fb8d8995a

SHA-256:
d826402253c55daf4360b1eec6bf7e43876a69b9d819c0a4ee9aedfb3c60a483

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 7:54:04 PM UTC  (today)

File size:
290.1 KB (297,104 bytes)

Product version:
1.00

Copyright:
Copyright (c) 2K Sports. All rights reserved.

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

Digital Signature
Signed by:
2K Sports (Take-Two Interactive Software, Inc.)

Authority:
Entrust, Inc.

Valid from:
8/28/2013 12:24:18 AM

Valid to:
8/31/2014 3:13:10 AM

Subject:
CN="2K Sports (Take-Two Interactive Software, Inc.)", O="2K Sports (Take-Two Interactive Software, Inc.)", L=New York, S=New York, C=US

Issuer:
CN=Entrust Code Signing Certification Authority - L1D, OU="(c) 2009 Entrust, Inc.", OU=www.entrust.net/rpa is incorporated by reference, O="Entrust, Inc.", C=US

Serial number:
4C175518

File PE Metadata
Compilation timestamp:
6/21/2013 2:21:36 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:523rnYUg20/csHjrByZXsiKEurr8oeb6matc8rtOfVgPamGCNzlNz0QjmRsGVGnw:k3rroRHjsciK18o72gPzfJwKJm/J

Entry address:
0x12B1B

Entry point:
E8, 56, 96, 00, 00, E9, 89, FE, FF, FF, 57, 8B, C6, 83, E0, 0F, 85, C0, 0F, 85, C1, 00, 00, 00, 8B, D1, 83, E1, 7F, C1, EA, 07, 74, 65, EB, 06, 8D, 9B, 00, 00, 00, 00, 66, 0F, 6F, 06, 66, 0F, 6F, 4E, 10, 66, 0F, 6F, 56, 20, 66, 0F, 6F, 5E, 30, 66, 0F, 7F, 07, 66, 0F, 7F, 4F, 10, 66, 0F, 7F, 57, 20, 66, 0F, 7F, 5F, 30, 66, 0F, 6F, 66, 40, 66, 0F, 6F, 6E, 50, 66, 0F, 6F, 76, 60, 66, 0F, 6F, 7E, 70, 66, 0F, 7F, 67, 40, 66, 0F, 7F, 6F, 50, 66, 0F, 7F, 77, 60, 66, 0F, 7F, 7F, 70, 8D, B6, 80, 00, 00, 00, 8D, BF...
 
[+]

Entropy:
6.4042

Code size:
187.5 KB (192,000 bytes)

The file setup.exe has been seen being distributed by the following URL.

temp:setup.exe

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.