» setup.exe
Overview
Analysis
File Details

setup.exe

ISPWizard - Internet Setup Program Wizard

End-User Computing, Inc

The executable setup.exe, “Internet Setup Program Wizard” has been detected as malware by 1 anti-virus scanner. This is a setup and installation application and has been known to bundle potentially unwanted software.

File name:

setup.exe

Publisher:

ISPWizard (signed by End-User Computing, Inc)

Product:

ISPWizard - Internet Setup Program Wizard

Description:

Internet Setup Program Wizard

Version:

6.4.4.1

MD5:

7caef8261a946174f3744865683b088e

SHA-1:

8a9bd1513d3a109e3756fff851e5b9a944803d84

SHA-256:

82fafce720af3bd2cd4135916efd7f52571e4d6594c9a933f24c71e4e72fd4ff

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

4/19/2024 12:13:26 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Threat.Win.Reputation.IMP

16.8.1.10

File size:

952 KB (974,800 bytes)

Product version:

6.44

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\toast.net\setup.exe

Digital Signature

Signed by:

End-User Computing, Inc

Authority:

GoDaddy.com, Inc.

Valid from:

10/7/2009 9:11:43 AM

Valid to:

10/7/2010 9:11:43 AM

Subject:

CN="End-User Computing, Inc", O="End-User Computing, Inc", L=Toledo, S=OH, C=US

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

04626C3637F2E3

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:nPHcOA1tZTFA2Ls+1TQ9JQMkZgmfMLX49:PxstlFAb+qvcG/LX49

Entry address:

0x127E00

Entry point:

60, E8, 01, 00, 00, 00, EB, 5D, BB, FA, FF, FF, FF, 03, DD, 81, EB, 00, 7E, 12, 00, EB, 02, EB, 39, C6, 45, 10, 00, 33, C0, 8B, 73, 3C, FF, 74, 33, 58, 0F, B7, 54, 33, 06, 4A, 4A, 8D, BC, 33, F8, 00, 00, 00, 8B, 77, 0C, 8B, 4F, 10, 0B, C9, 74, 07, 03, F3, E8, 13, 00, 00, 00, 4A, 74, 05, 83, C7, 28, EB, E7, 59, 3B, C1, 90, 90, 61, E9, A9, E1, FF, FF, FC, 52, 8B, D0, 0B, D2, 75, 05, BA, 8E, 24, 3B, 9C, AC, 49, 0B, C9, 74, 14, 32, D0, B0, 08, D1, EA, 73, 06, 81, F2, 9A, F3, A7, C1, FE, C8, 75, F2, EB, E6, 92... 
[+]

Entropy:

7.9737

Packer / compiler:

ASPack v1.08.04

Code size:

725 KB (742,400 bytes)

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.