Setup.exe

Interactive Install

IMINENT TECHNOLOGY SRL

This is the SIEN AppScion Installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application Setup.exe by IMINENT TECHNOLOGY SRL has been detected as a potentially unwanted program by 30 anti-malware scanners. The program is a setup application that uses the SIEN SuperInstall installer.
Publisher:
Live Soft Action S. R. L.   (signed by IMINENT TECHNOLOGY SRL)

Product:
Interactive Install

Version:
8.38.1.1

MD5:
a7cfee48d6126ed4cf7cd724a08a1b21

SHA-1:
4c902533ba8bd295c3db38707d5193de716a343d

SHA-256:
4061e893b6c16cfa4044adf62885b5401171c6b27eb93aaa2fdcb8bfac7bd087

Scanner detections:
30 / 68

Status:
Potentially unwanted

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/25/2024 10:59:02 AM UTC

Scan engine             Detection                                        Engine version
Lavasoft Ad-Aware       Application.Generic.822958                       6475091
Agnitum Outpost         Riskware.Agent                                   7.1.1
AhnLab V3 Security      PUP/Win32.Agent                                  2015.01.02
Avira AntiVirus         APPL/Downloader.Gen                              7.11.198.230
avast!                  Win32:Adware-BYE [PUP]                           150101-1
AVG                     Generic                                          2016.0.3215
Baidu Antivirus         PUA.Win32.GetNow                                 4.0.3.15128
Bitdefender             Application.Generic.801822                       1.0.20.140
Clam AntiVirus          Win.Trojan.Getnow                                0.98/19514
Comodo Security         UnclassifiedMalware                              20547
Dr.Web                  Adware.Downware.8576                             9.0.1.05190
Emsisoft Anti-Malware   Application.Generic.822958                       9.0.0.4799
ESET NOD32              Win32/GetNow.D potentially unwanted application  7.0.302.0
Fortinet FortiGate      Riskware/GetNow                                  1/28/2015
F-Secure                Riskware.Application.Generic.822958              5.13.68
G Data                  Win32.Application.Getnow                         15.1.24
IKARUS anti.virus       PUA.Getnow                                       t3scan.1.7.8.0
K7 AntiVirus            Unwanted-Program                                 13.188.14496
Malwarebytes            PUP.Optional.LiveSoftAction                      v2015.01.28.01
McAfee                  LiveSoftAction                                   5600.6871
MicroWorld eScan        Application.Generic.801822                       16.0.0.84
NANO AntiVirus          Riskware.Win32.Downware.dewbuj                   0.30.0.64448
Norman                  Application.Generic.822958                       03.12.2014 13:20:04
Panda Antivirus         Trj/Genetic.gen                                  15.01.28.01
Qihoo 360 Security      Trojan.Generic                                   1.0.0.1015
Reason Heuristics       PUP.Installer.IMINENTTECHNOLOGYSRL               15.1.28.13
Sophos                  Generic PUA BD                                   4.98
Trend Micro House Call  TROJ_SPNR.35JF14                                 7.2.28
Trend Micro             TROJ_SPNR.35JF14                                 10.465.28
VIPRE Antivirus         Trojan.Win32.Generic                             36278

File size:
671.3 KB (687,384 bytes)

Product version:
8.38.1.1

Copyright:
(c) Live Soft Action S .R .L . All rights reserved.

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
SIEN SuperInstall

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
7/15/2014 3:59:54 PM

Valid to:
7/16/2015 3:59:54 PM

Subject:
CN=IMINENT TECHNOLOGY SRL, O=IMINENT TECHNOLOGY SRL, L=Bucuresti, C=RO

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112117283610FD537B23B681DB2FB2853FE5

File PE Metadata
Compilation timestamp:
9/15/2014 4:04:36 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:l8i9ZDhctMQWrBH31q2I/Ij0VMxcsG8XLN+u2r4sOSy90CMw:ld3yRW9lq3/IjvXLNPK4sxy1M

Entry address:
0x18A440

Entry point:
60, BE, 00, B0, 4F, 00, 8D, BE, 00, 60, F0, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
576 KB (589,824 bytes)
