home

Setup.exe

Setup

CAR SOFT

This is a setup and installation application. The file has been seen being downloaded from s6132.chomikuj.pl and multiple other hosts.
Publisher:
CAR SOFT

Product:
Setup

Version:
1.00

MD5:
67910b320da871ecb11be5a576eceb86

SHA-1:
6b681038bbc07c93a5582de144bae5a0e4f696e5

SHA-256:
7a1437528de5a545777ee3f8dea100933519f66a02917349506752d41b5d46f7

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/17/2024 5:08:44 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Gen.Application.Keylog
t3scan.2.0.0.0

File size:
32 KB (32,768 bytes)

Product version:
1.00

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
3/24/2005 7:48:38 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:4RF8G/fFIL2GLj+8Q8AaAaASAx/4GtD7Db:4JIL2GLj+Vt33v1J7H

Entry address:
0x1290

Entry point:
68, 78, 19, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 94, 6A, 70, D6, FB, 37, AB, 4F, B5, 52, 0B, 89, FC, 6E, 20, 1B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 30, 32, 30, 34, 33, 30, 43, 61, 72, 73, 6F, 66, 74, 00, 00, 00, 00, 00, FF, CC, 31, 00, 05, B3, FB, 70, 34, B0, 59, D8, 4D, B3, BB, 54, 8E, FA, 68, 8B, 3E, F2, 43, 13, 3F, 3B, EF, BB, 42, B3, C9, D3, F5, 2E, 48, CB, 8D, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
20 KB (20,480 bytes)

The file Setup.exe has been seen being distributed by the following 2 URLs.

http://s6132.chomikuj.pl/File.aspx?e=x_DsSdTYqNiX3_jJmF2jPTj7C64nkDq05jf71wyYr4aqWryZuiF8SBel537YXDJnewcLc125rPOlKlz0l3v1uaOHDKlnwXU3UPfx0Mho6GxMPmmJAqLjOi47wkor3f0UVF5OHGO2tcVdZ0DYmgjsoA&pv=2

http://s10398.chomikuj.pl/File.aspx?e=x_DsSdTYqNiX3_jJmF2jPTj7C64nkDq05jf71wyYr4alYkN2p9zzn_Y5ytMO1tXA7x4ooSHmxPSxKEJ4ZUhkorQAnFPDxRNFFndSg3sNTySiINZVAYAYGOdtTYKDHY5CK_6aKc4ZGGvdXTtr4M7h-g&pv=2

Scan Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.