» Setup.exe
Overview
Analysis
File Details

Setup.exe

Smart Secure Software S.l.

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file Setup.exe by Smart Secure Software S.l has been detected as adware by 30 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser.

File name:

Setup.exe

Publisher:

Smart Secure Software S.l. (signed and verified)

MD5:

a134fbf8b38447e18cab4024693d7a09

SHA-1:

9ccd93d01c11ececec9fd71e9ca9bc71d3523452

SHA-256:

18ad6e328569a27bad8a33640b0d4d4d660f63f6b29b41e0c3d7072e903b263a

Scanner detections:

30 / 68

Status:

Adware

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/25/2024 12:12:32 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.168670

6561816

Agnitum Outpost

Trojan.Inject

7.1.1

AhnLab V3 Security

PUP/Win32.SoftPulse

2015.02.01

Avira AntiVirus

APPL/Softpulse.oanx

7.11.206.68

avast!

Win32:SoftPulse-EY [PUP]

150129-1

AVG

Generic

2016.0.3185

Bitdefender

Gen:Variant.Adware.Graftor.168670

1.0.20.290

Bkav FE

W32.HfsAdware

1.3.0.6379

Clam AntiVirus

Win.Adware.Softpulse-100

0.98/20124

Comodo Security

Application.Win32.SoftPulse.D

20920

Dr.Web

Trojan.DownLoader12.19495

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.168670

9.0.0.4799

ESET NOD32

Win32/SoftPulse.S potentially unwanted application

7.0.302.0

F-Prot

W32/S-03c7a2b4

v6.4.7.1.166

F-Secure

Gen:Variant.Adware.Graftor.168670

5.13.68

G Data

Gen:Variant.Adware.Graftor.168670

15.2.25

IKARUS anti.virus

PUA.SoftPulse

t3scan.1.8.6.0

K7 AntiVirus

Unwanted-Program

13.193.14824

Kaspersky

Trojan.Win32.Inject

15.0.0.543

Malwarebytes

PUP.Optional.SoftPulse.gen

v2015.02.27.09

McAfee

Program.SoftPulse

16.8.708.2

MicroWorld eScan

Gen:Variant.Adware.Graftor.168670

16.0.0.174

NANO AntiVirus

Trojan.Win32.DriverUpd.dnfzzy

0.30.0.65070

Norman

Gen:Variant.Adware.Graftor.168670

11.20150227

Panda Antivirus

Trj/Genetic.gen

15.02.27.09

Reason Heuristics

PUP.Softpulse

15.2.27.21

Sophos

PUA 'SoftPulse' (of type Adware)

5.11

Vba32 AntiVirus

Downloader.DriverUpd

3.12.26.3

VIPRE Antivirus

Threat.4783235

36666

Zillya! Antivirus

Adware.SoftPulse.Win32.106

2.0.0.2056

File size:

1.3 MB (1,319,664 bytes)

Bundler/Installer:

Softpulse SoftwareBundler

Common path:

C:\users\{user}\downloads\setup.exe

Digital Signature

Signed by:

Smart Secure Software S.l.

Authority:

COMODO CA Limited

Valid from:

6/16/2014 5:00:00 PM

Valid to:

6/17/2015 4:59:59 PM

Subject:

CN=Smart Secure Software S.l., O=Smart Secure Software S.l., STREET=Calle el Pozo 17B, L=Guia de isora, S=Santa Cruz de Tenerife, PostalCode=38680, C=ES

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D60847E39B584310D58407A5090B843C

File PE Metadata

Compilation timestamp:

1/30/2015 12:37:08 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:Xk2pxhmobBu75QFgCmOxMT2iq091gutT0ugRfy4CQM4OpdM:U+rb4ydm3q09n4fuL3

Entry address:

0x1CE16

Entry point:

E8, AA, 85, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, F9, 1D, 00, 00, 8B, FF, 51, C7, 01, 8C, 3E, 48, 00, E8, 22, 86, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, CC, FF, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, DF, 2A, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64... 
[+]

Entropy:

7.7192 (probably packed)

Code size:

206 KB (210,944 bytes)

Remove Setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.