» setup.exe
Overview
Analysis
File Details
Behaviors (1)

setup.exe

SiS VGA Installer

SILICON INTEGRATED SYSTEMS CORP.

The executable setup.exe, “SiS VGA Installer” has been detected as malware by 3 anti-virus scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program SiS VGA Utilities by Silicon Integrated Systems Corporation.

File name:

setup.exe

Publisher:

Silicon Integrated Systems Corporation (signed by SILICON INTEGRATED SYSTEMS CORP.)

Product:

SiS (R) VGA Installer

Description:

SiS VGA Installer

Version:

7, 14, 10, 5264

MD5:

dcbae04793b4b533653c0a16a3ac0109

SHA-1:

8ebc8e6cbe23e0643d4e7afb401a7f08c0b705f6

SHA-256:

792aa16dd61036a0179bb5cafbe333703cb7ad0e7d09f8a74e97dee91ca70221

Scanner detections:

3 / 68

Status:

Malware

Analysis date:

5/10/2024 9:49:11 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Win32/Floxif.A

2013.0.4477

ESET NOD32

Win32/Floxif.H virus

6.3.12010.0

F-Prot

W32/Floxif.B

4.6.5.141

File size:

148.9 KB (152,423 bytes)

Product version:

7, 14, 10, 5264

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\sis vga utilities\setup.exe

Digital Signature

Signed by:

SILICON INTEGRATED SYSTEMS CORP.

Authority:

VeriSign, Inc.

Valid from:

7/14/2009 6:00:00 AM

Valid to:

8/12/2010 5:59:59 AM

Subject:

CN=SILICON INTEGRATED SYSTEMS CORP., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SILICON INTEGRATED SYSTEMS CORP., L=Hsinchu, S=Taiwan, C=TW

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4610B9B49837BC1080D0E6583D2A1238

File PE Metadata

Compilation timestamp:

12/18/2009 8:27:07 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

3072:ItvL4nuPtamV2lQBV+UdE+rECWp7hK7aLl:wv0uFZBV+UdvrEFp7hK76l

Entry address:

0x1F4D

Entry point:

E9, 9D, 8D, 00, 00, E9, 16, FE, FF, FF, 8B, 44, 24, 04, A3, 74, 00, 41, 00, C3, 55, 8D, AC, 24, 58, FD, FF, FF, 81, EC, 28, 03, 00, 00, A1, 00, F0, 40, 00, 33, C5, 89, 85, A4, 02, 00, 00, 56, 89, 85, 88, 00, 00, 00, 89, 8D, 84, 00, 00, 00, 89, 95, 80, 00, 00, 00, 89, 5D, 7C, 89, 75, 78, 89, 7D, 74, 66, 8C, 95, A0, 00, 00, 00, 66, 8C, 8D, 94, 00, 00, 00, 66, 8C, 5D, 70, 66, 8C, 45, 6C, 66, 8C, 65, 68, 66, 8C, 6D, 64, 9C, 8F, 85, 98, 00, 00, 00, 8B, B5, AC, 02, 00, 00, 8D, 85, AC, 02, 00, 00, 89, 85, 9C, 00... 
[+]

Entropy:

7.2417

Packer / compiler:

Xtreme-Protector v1.05

Code size:

44 KB (45,056 bytes)

Program Uninstaller

Program name:

SiS VGA Utilities

Display publisher:

Silicon Integrated Systems Corporation

Display version:

5.29

Uninstall string:

C:\Program Files\SiS VGA Utilities\Setup.exe -u

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.