home

Setup.exe

Setup

Elex do Brasil Participações Ltda

The file Setup.exe by Elex do Brasil Participaçõesa has been detected as a potentially unwanted program by 6 anti-malware scanners. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from s2s.yac.mx and multiple other hosts.
Publisher:
Elex do Brasil Participações Ltda  (signed and verified)

Product:
Setup

Version:
1.0.154.23394

MD5:
ff4812aa6342a601b76b4cd496b5388f

SHA-1:
7ac0f326c03f97a3b29bc5e5308b1707a7ce6a15

SHA-256:
7ca54e22d80b778d5ae1ef0e959eb6d1be9ef3a2622cb261e3c9fcc94bafbce9

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
5/8/2024 8:41:43 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Mutabaha.174
9.0.1.072

ESET NOD32
Win32/ELEX.CC potentially unwanted (variant)
9.11312

Fortinet FortiGate
Riskware/Elex
3/13/2015

McAfee
Artemis!FF4812AA6342
5600.6828

Reason Heuristics
PUP.Optional.Installer.ELEX
15.3.13.3

Trend Micro House Call
Suspicious_GEN.F47V0312
7.2.72

File size:
847.8 KB (868,176 bytes)

Product version:
1.0.154.23394

Copyright:
Copyright (c) 2011-2015 Elex do Brasil Participações Ltda

Original file name:
Setup.exe

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
Elex do Brasil Participações Ltda

Authority:
VeriSign, Inc.

Valid from:
6/23/2014 4:00:00 AM

Valid to:
6/21/2015 3:59:59 AM

Subject:
CN=Elex do Brasil Participações Ltda, O=Elex do Brasil Participações Ltda, L=São Paulo, S=São Paulo, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5C6950D0A05A1CD63164D1E1EB1FFB8A

File PE Metadata
Compilation timestamp:
3/11/2015 10:02:12 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:SjC2VVb/1DX/gQ71s3wC1/Thz3dDeHVTGQT4fPn3OBqIUEpl1NYJBW9sdz8i:ILV917YP3Jz3diVTGQJnUKzZidz8i

Entry address:
0x93B8

Entry point:
E8, 41, 40, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, FF, 15, 90, 60, 41, 00, 6A, 01, A3, AC, EE, 41, 00, E8, 2C, 45, 00, 00, FF, 75, 08, E8, C1, 44, 00, 00, 83, 3D, AC, EE, 41, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 12, 45, 00, 00, 59, 68, 09, 04, 00, C0, E8, 8F, 44, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 11, 70, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 90, EC, 41, 00, 89, 0D, 8C, EC, 41, 00, 89, 15, 88, EC, 41, 00, 89, 1D, 84, EC, 41, 00, 89, 35, 80, EC, 41, 00, 89, 3D, 7C...
 
[+]

Entropy:
7.5544

Code size:
83.5 KB (85,504 bytes)

The file Setup.exe has been seen being distributed by the following 40 URLs.

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=mmacn&subid=lL_PDWpmNWqVUEXXKEHLEF45mheDHbCO2Uj_I5m_Cw9oJdfvVhD8_zJo3DaJMHpboqtJlZ2oQFzbzQkrQq6VCRMRpTCERR4kDgG_miVLMu_uPxFCRJYgJAsTqMJfwn4Csda86m3YoC_bb-L3WQFWLFIbqNmWe02gPoDtRSxky7nq1lmmOv8NyV6UD_taF0Ft0qH-teYYGhzDvCzJhqLz4RG2n_q9fjCNl9KT4QNJToRk9pHCBzNs7YVF1ECEpFZaD9kap0sgs65Qqw4jEE9ILTRWEVkVJCf49fkX2X9zp4TKylKvqKmDZ7qbghFZgMkrKci6ycbwfxp3jm2LYYnEpbtk-BqXWSjXwjNiqluXx1IKpun4X5Pa-AWr2nugtpigSuulo4KooPe4cHifAnFPCHa8s7S3l6-W3oDIyeoDrYkJPy1p&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=mmacn&subid=HWSG-0TVtvmg62GRli-5WDU3xd43GQdKiy_Gg4hnAEQAWOHnYAK_KpCD-qJt_eT16gl3M2aHMW1rdUn9snYwgWN-Xk8q_iJPuuISBxFliN5MOqbfWxZ1GlHhHYMKBeg4pv6GtsaQWhSE0ndO1nG5HgAOeVcSxQIAcpUXU-HgGcg8py-bUpHcpe_aCTY3BKz28dWYHDdEWNiP9yPXbV8p7_6e249xTcSukW8z3vtGE_Uzs7Hq7uv-VX3fQUSj9Yw3uYfenvAGTKGpnrL1bqbZqajQOHrm9V_21qNlSUR4tnLpqxEVoa-RFfLd7a_Zz6CYlLDzluM-wBube9fSwf0IOmz7arc5Oof84MgU9D7x5ZI9arvniVq8qYn0s9rpsH_fV1BXmNBA5Ap30olzZaDQYbzydvVX7otmylf_rXCcAEjUZZyvYg&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://www.yac.mx/download/.../down.php?pt=avae&subid=10624507650

http://www.yac.mx/download/.../down.php?pt=gam&subid=20421

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=epo&subid=NTczMDF8MTA3NTQ0fENBfDN8MXx8|d8d97a266a1d4389dee35d271d8c79fc-9118-63173&lplink=http://www.yac.mx/download/.../down.php?pt=epo

http://www.yac.mx/download/.../down.php?pt=ava&subid=10668338483

http://www.yac.mx/download/.../down.php?pt=sim&subid=494047308

http://mmtrkjy.com/mt/.../&subid1=u56638a6a542d753c44022ce3e1

http://dl.yac-tech.com/download/.../yet_another_cleaner_mat_setup_152743.exe

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=mmacn&subid=dcM6bMLvw_pGDq1wpDj1KzVy4_urkFQ55QMYlflRvevWw5pME_2ooMmkPgv7AfdwJe90g4vOSOxctlr_OV4zokNTSMfmq-DHY0v_TdTMQe8LPerayyBpwAuAz-AI0SQBH2z8H4aGcpAphZzvV9qQVPDZUQ_Yhw-vsUdHuEmolcJosiCPV4fvJtV8qoGuMnG-M1k6dClNv7xjYFsNDdu7MHpKlHYf8FcgcVAaZsw0UPSbOx1p0drnZwXYzDLstgy_9P0PU14Zb0_DIHW2zfS0k2xWjXnMVacJXJP49eBy9MdZmhOUct8CXvBgK1IdGTi_Xn61OMCixGedZCbbUHtBUYhimstbP29R1dYYeMuwN621mX33AxaS0s5tOeGVOcakfcjfqet-QnmAUMOAMHQHJMPr9uiUYmSy7A&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://www.yac.mx/download/.../down.php?pt=dne&subid=

http://www.yac.mx/download/.../down.php?pt=avae&subid=10634824569

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=epo&subid=NTczMDF8MTA3NTQ0fFBUfDN8MXx8|d8d97a266a1d4389dee35d271d8c79fc-9118-63173&lplink=http://www.yac.mx/download/.../down.php?pt=epo

http://mmtrkjy.com/mt/.../&subid1=u0231fb4454e02d98363e7a18af

http://www.yac.mx/download/.../down.php?pt=matf&subid=128955

http://www.yac.mx/download/.../down.php?pt=mat&subid=123101

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=mmacn&subid=7T30hEuommocB0hORtgk9jyEHjGM05JtkHj4UHv8XKNWYhLKUWEvxK7fVBGOxWyFA5MeuotUgp4cy5zkZ0d9FLBjN9b9IXP9EOG3oyADB6582d2fIu9lZVScqJDbXsBY_lL9ioqZN2cWgGSi17ao1lxlsIUx62uBIV3byGvA960P74lSAY5WkQQv0N220ZxY1lXNHbFQhlJ7J0A2jai1wQeAs1fuHx14szZhX9P4tZPRk9tqRPmcGir1ziah9ZVp5FwgQ3rST9P-xsRpDK1W6SYihd0gxQC7p1l7WS3l_bagCVEhvBf2PCHmyqTPg6Pbjf7sf5nCTSgJ3QIoebnZdCqSgF-iVCE95CPPVqtVe9bMnom86AHocLOdyxOFPddtenMc1FqtJmC6yeuytNPGemo0vaJLt6hc040sXH9DMYB0Ygjo0fKaEjvngCfP745_Hbk32bTLuc6IZMh3ONmZ3r3pTg&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://www.yac.mx/download/.../down.php?pt=gam&subid=20107

http://www.yac.mx/download/.../down.php?pt=gam&subid=11656

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=mmacn&subid=owOTJrufAnfmKIPk5tX1TWOqUNdBmFrAluLKBtM_F6WqD5-msTPFAI5XohpA3sfWjnFKPzrDEDoN3ntqpDcimaAtAVj-jcFmNZJmLHDVEgoDyJrD19Y9eYYLJRODHTndVD8XbOTYcwdczXNYQnjpv1kPZ9u41TcHR4EdfJLjdkjo9TSGt8RPVBd-IZrw1wmHa6wMAeAwYZo6Q_SOpW59xYQBYi5tJaNhHPOyNZbwyfWIkLEjqEbHZSjrggMky2NioFwaGkJW-kcLzr3NnOpaM2volfFdMtWkKS0B-bTN8egXLvUmtaWK8MZ-ks3Qiz-a5Gk4D26Ga2D_H0l5OQ_JY7O3GBJ0rCSnfQdvJaP9Fntyj0TiGvZ37OUQKWW0Zkn6zGYIlxTCPq9oxqEHe_ECteVT4offJlnfX2kreyIK6pW84KW97wu0rQ&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=mmacn&subid=hl0hLxiJnC6WT3iarJjrMH8IJ9JnW4ML7OFd55vzwlbChgiBt2L9vKBQLvNlZ_cBqoLAdcVnYMXKhh1Pz0MCn2w9yrOEhBRaZfBoy3JzSVq6n7PuW2PpEo6ERUHJJx712Hn6XEV-E-oWXACCrlluV-QCZNnBlgaKb6XQN5IW8D8VAH2LlJGcBz8IvLcS6DCgA9ZsHGP0qhrPEZVrb0d48n--YA0eEJtq-KZfz0MAEulADoDssuf4xcs7vee5ppxtkVWXIkvBuiC0rN1-V_qG1xk8AZyD0qrgufCET1_f6234UYssUY_c8OEJXijmaSK4idqWO4NjltWQQ_dLYFlXyX0ovgvPrOX34sxyBRgoqJ4D-hZ4MNoYCel0qY2NsIVkpQ8x-ZHcZdmMOxMUDUiktHayIurOsMQvF16AvSiYtbw_jJcjw1f--qSBJx-0ketZ90EVS6Wv&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=epo&subid=NTczMDF8MTA3NTQ0fEZSfDN8MXx8|d8d97a266a1d4389dee35d271d8c79fc-9118-63173&lplink=http://www.yac.mx/download/.../down.php?pt=epo

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=epo&subid=NTczMDF8MTA3NTQ0fEFSfDN8MXx8|d8d97a266a1d4389dee35d271d8c79fc-9118-63173&lplink=http://www.yac.mx/download/.../down.php?pt=epo

http://www.yac.mx/download/.../down.php?pt=ymb&subid=16100

http://www.yac.mx/download/.../down.php?pt=kwo&subid=

http://s2s.yac.mx/ads/adsavess?sid=yac&ptid=mmacn&subid=OZcBY_98TKNGvjCCA6YVVvNfFiBg2YOn-j6i94sLPT0VHXGxwLS0gDNN7g6zJ7WylVbg1OYoMIf9esnLOlLnTTEdxuwUQvkbuP1gifLG-0UxIwVC15cR8pKs_dI5PHb8C_VKI3hBxH6CMjmuD8S2dPYNih3kkc5EgvebZswWsQvYV9YdQkHa_UJaeGCnCxvoda690frrPusMZFNNS2qf9w0wAwtPgzy8dhQxgt06CLVIK5XI99Rc_HdrktnmnIXhfP3ilnt6Z4va09RO6Y2mhrzz5-82TNZUWJ4jl_FzCGsncgTTouKEZ1qmqrGblSG_EHIcBB-Nuzp2e5OHhMcpdWMUTRfTv4EZDA1BTdu8ZelfVqpSFSqUqr9TW3GaF0CTVb5wINI-2TiyRXgJZMe9fgUsTE3gkCUEWzcHvRpDoj9MjhFJ8O4&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://www.yac.mx/download/.../down.php?pt=epo&subid=

http://www.yac.mx/download/.../down.php?pt=aed&subid=

http://www.yac.mx/download/.../down.php?pt=gam&subid=18184

http://ads.adsrvmedia.net/event/click/0/4Q7Tqt2v7XMd7CVllKGQIr2I8mLd-RzIrHFxKxxkofvZr5mJRvgEwapMYLaeO4hv_bYj2pfK1HTHhYCb4AZosOBGHVvk0QDyeHYzE1nSj-VucpkaCqR4CTy0T7iAZK8rP7jPBDZ4l7VyXYWJgQNAHOJzAzVGmEHvEclGg10PhE2fImRmAIbANlzaoT4Sa3QVXSfA9YaTVwdC5fjbYEeK538G5RcDIS_PVJPbzXZmw9zxoksvNR7RsZoI0-b-QIIZUSORDzEq7kIXEEJrrhpm0xxixz03U213aq126B6QW1hRCyOXFPhQYO_VYbruytIV4E7bT1xPH7bVZnVtMa9BIc2d1DsaV6g-7q8B_lEvouBSAKUVCW-BVBP4BbWuXs_fwAp0T269GzS6SOsgYm_JWMdwYnUkmy30rLPmdT49k3oXuL6cBxXvfLH61s1znlh5aq1w6sPFcLHFfA/.../

Latest 30 of 40 download URLs

Remove Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.