home

Setup.exe

7-Zip

Igor Pavlov

The program is a setup application that uses the 7z Setup installer. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from www.wagnardmobile.com and multiple other hosts.
Publisher:
Igor Pavlov

Product:
7-Zip

Description:
7z SFX

Version:
9.20

MD5:
c23a3d062932130061a0616d4f478a63

SHA-1:
83b3c7129f1d162e58ff6db5f41edd9aa3ffa250

SHA-256:
f341560674e40a55aac7ee55bff8b0e1a560d0edc3cc20c0fb5d548acc1b072c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 1:06:32 AM UTC  (today)

File size:
1.1 MB (1,169,831 bytes)

Product version:
9.20

Copyright:
Copyright (c) 1999-2010 Igor Pavlov

Original file name:
7z.sfx.exe

Installer:
7z Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

File PE Metadata
Compilation timestamp:
11/18/2010 8:27:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:6WvknOMEBFD2JibidpIo8jgu+r1yVUAcsa0vrAlGwrMxH0nDyx:6UeOMAFDLbidLCgdEmA8qAlGweUn2x

Entry address:
0x1D262

Entry point:
55, 8B, EC, 6A, FF, 68, 20, 1E, 42, 00, 68, 5C, D2, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 04, 11, 42, 00, 59, 83, 0D, 90, BD, 42, 00, FF, 83, 0D, 94, BD, 42, 00, FF, FF, 15, 00, 11, 42, 00, 8B, 0D, 70, 9D, 42, 00, 89, 08, FF, 15, FC, 10, 42, 00, 8B, 0D, 6C, 9D, 42, 00, 89, 08, A1, 64, 11, 42, 00, 8B, 00, A3, 8C, BD, 42, 00, E8, 1C, 01, 00, 00, 39, 1D, 20, 7A, 42, 00, 75, 0C, 68, EA, D3, 41, 00, FF, 15, 0C, 11...
 
[+]

Entropy:
7.9234

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
124.5 KB (127,488 bytes)

The file Setup.exe has been seen being distributed by the following 3 URLs.

http://www.wagnardmobile.com/DDU/.../DDU v13.6.4.2.exe

http://www.majorgeeks.com/index.php?ct=files&action=download&

http://files1.majorgeeks.com/a088ea2078cd92b0b8a0e78a32c5c082/.../DDU v13.6.4.2.exe

Scan Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.