home

setup.exe

LLC Centr GRAND

This is a self-extracting archive and installer.
Publisher:
LLC Centr GRAND  (signed and verified)

MD5:
e66221512cf54b9f5efd5ddfcc9aeaff

SHA-1:
c0f3d64b2e27dda9f4c6072059fdd8b8120efaf9

SHA-256:
4942a03e9eca957574b0b2aaae076ac16880e4284dc3ca4c0ef093174bb8a310

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/19/2024 2:01:15 AM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Malware-Cryptor.FSP.gen
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
38830

File size:
2.1 MB (2,246,432 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\distrib_6_0_4\setup.exe

Digital Signature
Signed by:
LLC Centr GRAND

Authority:
VeriSign, Inc.

Valid from:
10/22/2011 3:00:00 AM

Valid to:
11/21/2013 2:59:59 AM

Subject:
CN=LLC Centr GRAND, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=LLC Centr GRAND, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3A81D9966773AB5D5219334F24E41AD2

File PE Metadata
Compilation timestamp:
6/19/2013 11:15:45 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:D+gYiT2lYb9ebSBZLBUSkbbtfitdOwhNJ/0WdyHlM1KMfaOXz8AP:P+SatodOwd3dMM1KMfaOXz8g

Entry address:
0xBA028

Entry point:
55, 8B, EC, 83, C4, F0, B8, F0, 3B, 4B, 00, E8, 94, 00, F5, FF, E8, 0B, A5, F4, FF, 85, C0, 75, 2F, 68, DC, A0, 4B, 00, 6A, FF, 6A, 00, E8, 31, 12, F5, FF, A3, F8, CE, 4B, 00, E8, 2F, 13, F5, FF, 3D, B7, 00, 00, 00, 74, 77, E8, A7, 4A, FF, FF, 3C, 02, 74, 07, E8, 06, 95, FF, FF, EB, 67, 33, C0, 55, 68, D0, A0, 4B, 00, 64, FF, 30, 64, 89, 20, A1, 50, D2, 4B, 00, 8B, 00, E8, DA, 28, FF, FF, 8B, 0D, E8, D2, 4B, 00, A1, 50, D2, 4B, 00, 8B, 00, 8B, 15, 6C, 13, 4B, 00, E8, DA, 28, FF, FF, A1, 50, D2, 4B, 00, 8B...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
740 KB (757,760 bytes)

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.