setup.exe

The application setup.exe has been detected as a potentially unwanted program by 12 anti-malware scanners.
MD5:
f79369269b049e93cb7f40cc23c906a3

SHA-1:
a2fabf3519b0cd60c757815d5ec2e051fdaf014c

SHA-256:
9f190b8967855739bf4a287639672e29efc183cae01422802ae62c340a892976

Scanner detections:
12 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 6:50:37 AM UTC

Scan engine             Detection                                         Engine version
Avira AntiVirus         ADWARE/DealPly.A.40067                            8.3.2.2
Arcabit                 Trojan.Generic.D2B90C1                            1.0.0.593
avast!                  Win32:Malware-gen                                 2014.9-151201
Bitdefender             Trojan.GenericKD.2855105                          1.0.20.1675
Emsisoft Anti-Malware   Trojan.GenericKD.2855105                          8.15.12.01.06
ESET NOD32              Win32/DealPly.BX potentially unwanted (variant)   9.12566
Fortinet FortiGate      Riskware/DealPly                                  12/1/2015
F-Secure                Trojan.GenericKD.2855105                          11.2015-01-12_3
G Data                  Trojan.GenericKD.2855105                          15.12.25
MicroWorld eScan        Trojan.GenericKD.2855105                          16.0.0.1005
nProtect                Trojan.GenericKD.2855105                          15.11.13.01
Qihoo 360 Security      HEUR/QVM05.1.Malware.Gen                          1.0.0.1077

File size:
527 KB (539,648 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 2:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:POj4DOO3/qGz1enH41VvD3xWIAjUxquaasb:PCd41eY1VvLxzKzxVb

Entry address:
0x74200

Entry point:
55, 8B, EC, B9, 04, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, B8, 60, 40, 47, 00, E8, BE, 26, F9, FF, 33, C0, 55, 68, 92, 43, 47, 00, 64, FF, 30, 64, 89, 20, E8, BF, E7, F8, FF, 85, C0, 0F, 85, FA, 00, 00, 00, 8D, 4D, EC, BA, 0E, 00, 00, 00, B0, 66, E8, AC, 08, F9, FF, 83, 7D, EC, 00, 0F, 84, E1, 00, 00, 00, DB, 2D, A0, 43, 47, 00, E8, 27, E8, F8, FF, E8, 82, E8, F8, FF, 83, FA, 00, 75, 20, 3D, 0C, 04, 00, 00, 75, 19, 8D, 4D, E8, BA, 11, 00, 00, 00, B0, 6F, E8, 77, 08, F9, FF, 83, 7D, E8, 00, 0F, 84, AC...
 

Entropy:
6.4821

Developed / compiled with:
Microsoft Visual C++

Code size:
461.5 KB (472,576 bytes)
