» Setup.exe
Overview
Analysis
File Details

Setup.exe

Smart Secure Software S.l.

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file Setup.exe by Smart Secure Software S.l has been detected as adware by 30 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser.

File name:

Setup.exe

Publisher:

Smart Secure Software S.l. (signed and verified)

MD5:

ed6ea47880322f8601740cc6866ec56d

SHA-1:

b089612c90403abee0aac3bde573287f9a0ce813

SHA-256:

9b7a9bfc4fbb052ee738bd58b3334fca6b06ea7779b84f3685719b37d4f85647

Scanner detections:

30 / 68

Status:

Adware

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

5/8/2024 12:32:25 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.168670

6561816

Agnitum Outpost

Trojan.Inject

7.1.1

AhnLab V3 Security

PUP/Win32.SoftPulse

2015.02.04

Avira AntiVirus

PUA/SoftPulse.oanx

7.11.206.200

avast!

Win32:SoftPulse-EY [PUP]

150101-1

AVG

Generic

2016.0.3185

Bitdefender

Gen:Variant.Adware.Graftor.168670

1.0.20.290

Bkav FE

W32.HfsAdware

1.3.0.6379

Clam AntiVirus

Win.Adware.Softpulse-100

0.98/20120

Comodo Security

Application.Win32.SoftPulse.D

20951

Dr.Web

Trojan.DownLoader12.19495

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.168670

9.0.0.4799

ESET NOD32

Win32/SoftPulse.S potentially unwanted application

7.0.302.0

F-Prot

W32/S-03c7a2b4

v6.4.7.1.166

F-Secure

Gen:Variant.Adware.Graftor.168670

5.13.68

G Data

Gen:Variant.Adware.Graftor.168670

15.2.25

IKARUS anti.virus

PUA.SoftPulse

t3scan.1.8.6.0

K7 AntiVirus

Unwanted-Program

13.193.14852

Kaspersky

Trojan.Win32.Inject

15.0.0.543

Malwarebytes

PUP.Optional.SoftPulse.gen

v2015.02.27.09

McAfee

Program.SoftPulse

16.8.708.2

MicroWorld eScan

Gen:Variant.Adware.Graftor.168670

16.0.0.174

NANO AntiVirus

Trojan.Win32.DriverUpd.dnfzzy

0.30.0.65070

Norman

Gen:Variant.Adware.Graftor.168670

02.01.2015 13:58:24

Panda Antivirus

Trj/Genetic.gen

15.02.27.09

Reason Heuristics

PUP.Softpulse

15.2.27.21

Sophos

PUA 'SoftPulse' (of type Adware)

5.11

Vba32 AntiVirus

Downloader.DriverUpd

3.12.26.3

VIPRE Antivirus

Threat.4783235

36666

Zillya! Antivirus

Adware.SoftPulse.Win32.106

2.0.0.2056

File size:

1.3 MB (1,319,672 bytes)

Bundler/Installer:

Softpulse SoftwareBundler

Common path:

C:\users\{user}\downloads\setup.exe

Digital Signature

Signed by:

Smart Secure Software S.l.

Authority:

COMODO CA Limited

Valid from:

6/16/2014 5:00:00 PM

Valid to:

6/17/2015 4:59:59 PM

Subject:

CN=Smart Secure Software S.l., O=Smart Secure Software S.l., STREET=Calle el Pozo 17B, L=Guia de isora, S=Santa Cruz de Tenerife, PostalCode=38680, C=ES

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D60847E39B584310D58407A5090B843C

File PE Metadata

Compilation timestamp:

1/30/2015 12:37:08 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:nk2pxhmobBu75QFgCmOxMT2iq091gutT0ugRfy4CQM4OpdM:k+rb4ydm3q09n4fuL3

Entry address:

0x1CE16

Entry point:

E8, AA, 85, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, F9, 1D, 00, 00, 8B, FF, 51, C7, 01, 8C, 3E, 48, 00, E8, 22, 86, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, CC, FF, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, DF, 2A, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64... 
[+]

Entropy:

7.7193 (probably packed)

Code size:

206 KB (210,944 bytes)

Remove Setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.