setup.exe

Dashboot

This is published and distributed via Adknowledge's advertising-supported (adware) software installer. The application setup.exe, “Swift Installer” by Dashboot, has been detected as adware by 21 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer.
Publisher:
Swift Installer (signed by Dashboot)

Product:
Swift Installer

Description:
Swift Installer

Version:
2.4.8.1

MD5:
5805f70cc31f3d4f7557e8b87d64f641

SHA-1:
a6580793177f7cc1258f8622845458915168b827

SHA-256:
ceee604f5adc4d119c2c9a939886b63db8ae152bfe340b0ed17396ab69e5b5c8

Scanner detections:
21 / 68

Status:
Adware

Explanation:
This installer bundles various adware programs that may include toolbars and web browser advertising injectors/extensions.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
5/6/2024 2:07:22 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Strictor.71370 | 6103667 |
| AhnLab V3 Security | | 2014.12.08 |
| Avira AntiVirus | ADWARE/iBryte.Gen7 | 7.11.193.70 |
| AVG | AdPlugin | 2015.0.3268 |
| Bitdefender | Gen:Variant.Adware.Strictor.71370 | 1.0.20.1705 |
| Comodo Security | Application.Win32.Ibryte.NW | 20297 |
| Dr.Web | Trojan.DownLoader11.49473 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Strictor.71370 | 9.0.0.4668 |
| ESET NOD32 | Win32/Adware.iBryte.BR application | 7.0.302.0 |
| F-Prot | W32/A-a1a6e5b1 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Adware.Strictor.71370 | 11.2014-07-12_1 |
| G Data | Gen:Variant.Adware.Strictor.71370 | 14.12.24 |
| Kaspersky | Trojan.Win32.Buzus | 15.0.0.543 |
| Malwarebytes | PUP.Optional.IBryte | v2014.12.07.09 |
| McAfee | Program.IBryte-FSO | 16.8.708.2 |
| MicroWorld eScan | Gen:Variant.Adware.Strictor.71370 | 15.0.0.1023 |
| Norman | Gen:Variant.Adware.Strictor.71370 | 04.12.2014 14:30:06 |
| Panda Antivirus | Trj/Genetic.gen | 14.12.07.09 |
| Reason Heuristics | PUP.Installer.Dashboot.F | 14.12.11.23 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.3 |
| VIPRE Antivirus | Threat.4798837 | 35418 |

File size:
333.4 KB (341,360 bytes)

Product version:
2.4.8.1

Copyright:
Copyright (C) Swift Installer

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/16/2014 1:00:00 AM

Valid to:
7/17/2015 12:59:59 AM

Subject:
CN=Dashboot, O=Dashboot, STREET=4600 Madison Ave FL 10, L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
38639BB44C364AEC1911230BD3196A03

File PE Metadata
Compilation timestamp:
12/7/2014 12:00:34 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:eZOQtZQ2eWto6koWdj2iRzm7/Wff9jBiJ:egQtZQ2eD6od6iRzm7/U1i

Entry address:
0x18863

Entry point:
E8, 17, A6, 00, 00, E9, 78, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 8C, C6, 43, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 8C, C6, 43, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F...
 

Entropy:
5.9150

Code size:
185 KB (189,440 bytes)
