» setup.exe
Overview
Analysis
File Details

setup.exe

Moorche 30 DVDs

MRT www.Win2Farsi.com

The executable setup.exe has been detected as malware by 18 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source.

File name:

setup.exe

Publisher:

MRT www.Win2Farsi.com

Product:

Moorche 30 DVDs

Version:

MRT www.Win2Farsi.com

MD5:

8052067c73a195a5bf907fa3e680c3a6

SHA-1:

915002e66baf096fc5bc5412aae0074e80ef8e33

SHA-256:

8d7a61653110ed39311d8d707b0ddc69ad85e31c4f9f0dd3a2ea9b507b35d35e

Scanner detections:

18 / 68

Status:

Malware

Analysis date:

4/25/2024 1:02:18 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.112985

1023

Agnitum Outpost

Trojan.Kazy

7.1.1

Avira AntiVirus

TR/Kazy.112985.5

7.11.143.80

AVG

Pakes_c

2015.0.3501

Bitdefender

Gen:Variant.Kazy.112985

1.0.20.540

Bkav FE

HW32.CDB

1.3.0.4959

Comodo Security

UnclassifiedMalware

18102

Dr.Web

Trojan.Siggen2.512

9.0.1.0108

Emsisoft Anti-Malware

Gen:Variant.Kazy.112985

8.14.04.18.09

F-Secure

Gen:Variant.Kazy.112985

11.2014-18-04_6

G Data

Gen:Variant.Kazy.112985

14.4.24

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.6.1.0

McAfee

Artemis!8052067C73A1

5600.7157

MicroWorld eScan

Gen:Variant.Kazy.112985

15.0.0.324

NANO AntiVirus

Trojan.Win32.Thed.cthmze

0.28.0.59048

Norman

Suspicious_Gen5.VVJR

11.20140418

Panda Antivirus

Trj/Thed.E

14.04.18.09

VIPRE Antivirus

Trojan.Win32.Generic

28214

File size:

1.1 MB (1,131,872 bytes)

Product version:

MRT www.Win2Farsi.com

Modified:1995-2012 MRT www.Win2Farsi.com

Original file name:

Moorche 30 DVDs

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

11/19/2005 5:45:30 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:ThBrivlknES6XTfWs7DKCK1JmPAMbEtW8:rivlhTus618E48

Entry address:

0x2157

Entry point:

55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 29, 51, 41, 00, B8, B2, AB, DB, 30, 60, 67, 6A, 85, 68, 8E, 1B, 0E, 5B, 11, 0E, 20, 64, 60, 9C, C9, 28, EF, 11, 67, 86, AB, CB, 40, 7C, 64, D0, BF, 25, 62, E2, D6, 29, F2, 9C, 82, C3, EA, AF, 76, C1, 30, B4, 34, 41, 0F, 68, 67, 25, EE, 67, D6, 28, 37, 7F, E2, B8, FB, 16, A7, 1E, 39, 64, 4C, C2, 22, 6A, 0E, 0F, 0E, D1, 38, 9E, 3C, 2D, 9A, 21, 7D, 34, 3D, 9E, C8, 4F, 18, 6F, 07, 66, 8E, 5D, F3, 46, 71, CB, 58, 3A... 
[+]

Entropy:

7.2535

Developed / compiled with:

Microsoft Visual C++

Code size:

24 KB (24,576 bytes)

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.