setup.exe

Randal's Monday

Daedalic Entertainment

The executable setup.exe, “Randal's Monday Setup”, has been detected as malware by 18 anti-virus scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source.

Publisher:
Daedalic Entertainment

Product:
Randal's Monday

Description:
Randal's Monday Setup

MD5:
39ed1ef00118863435c1a26e0825d2ee

SHA-1:
60fb9012a37f1bc5f49a00c5b6ace3160187ce46

SHA-256:
b975f87d5e584540484ba97105d89f4271b8676c568ed7c12f8d169ecdda4bf9

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
4/30/2024 12:50:06 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKDZ.30571 | -40 |
| AegisLab AV Signature | Backdoor.Msil.Nanobot!c | 2.1.4+ |
| AhnLab V3 Security | Trojan/Win32.Bladabindi.N1742253216 | 3.7.5.15 |
| avast! | Win32:Malware-gen | 2014.9-170316 |
| Bkav FE | HW64.packed | 1.3.0.8042 |
| Dr.Web | Trojan.PWS.Stealer.15120 | 9.0.1.075 |
| ESET NOD32 | MSIL/Injector.LLA (variant) | 11.13785 |
| Fortinet FortiGate | W32/NanoBot.GBH!tr.bdr | 3/16/2017 |
| G Data | MSIL.Backdoor.Netwire | 17.3.25 |
| IKARUS anti.virus | Trojan.MSIL.Injector | t3scan.2.1.6.0 |
| K7 AntiVirus | Trojan | 13.233.20200 |
| Kaspersky | Backdoor.MSIL.NanoBot | 14.0.0.-1315 |
| Malwarebytes | Trojan.Injector.MSIL | v2017.03.16.01 |
| McAfee | Artemis!39ED1EF00118 | 5600.6094 |
| Microsoft Security Essentials | VirTool:MSIL/Injector.HF | 1.1.12902.0 |
| NANO AntiVirus | Trojan.Win32.NanoBot.dxrscv | 1.0.38.8984 |
| Panda Antivirus | Trj/CI.A | 17.03.16.01 |
| VIPRE Antivirus | Trojan.Win32.Generic | 50768 |

File size:
1.2 MB (1,254,912 bytes)

Product version:
1.0.3

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

File PE Metadata
Compilation timestamp:
8/22/2013 1:30:31 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x7F1C

Entry point:
48, 83, EC, 28, E8, 4F, 09, 00, 00, 48, 83, C4, 28, E9, 06, 00, 00, 00, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 7C, 24, 10, 41, 56, 48, 81, EC, B0, 00, 00, 00, 83, 64, 24, 20, 00, 48, 8D, 4C, 24, 40, FF, 15, 89, 43, 00, 00, 90, 65, 48, 8B, 04, 25, 30, 00, 00, 00, 48, 8B, 58, 08, 33, FF, 33, C0, F0, 48, 0F, B1, 1D, F6, 1B, 00, 00, 74, 19, 48, 3B, C3, 75, 07, BF, 01, 00, 00, 00, EB, 0D, B9, E8, 03, 00, 00, FF, 15, 0D, 43, 00, 00, EB, DA, 8B, 05, DD, 1B, 00, 00, 83, F8, 01, 75, 0A, 8D, 48, 1E, E8...
 

Code size:
32 KB (32,768 bytes)
