home

Setup.exe

Bohemia Interactive Setup

Tages SAS

This is a setup and installation application.
Publisher:
Tages SAS  (signed and verified)

Product:
Bohemia Interactive Setup

Description:
Setup

Version:
2, 0, 2, 0

MD5:
16b2ce6975c7b3ae45f843ef69cabc12

SHA-1:
c271df6e156b38129204a257f1cd37ee23625526

SHA-256:
e3adf339f807151285ca5df4440488b7e8e7ffcf31e74f8e2903ebd042587e6f

Scanner detections:
7 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 10:54:56 AM UTC  (today)

Scan engine
Detection
Engine version

Fortinet FortiGate
W32/Etap.B
2/23/2015

F-Prot
W32/Troj_Obfusc.D.gen
v6.4.7.1.166

McAfee
Artemis!16B2CE6975C7
5600.6845

Norman
Suspicious_Gen4.AQUMG
11.20150223

Total Defense
Win32/Etap
37.0.10498

Trend Micro House Call
TROJ_GEN.RCBB1IK
7.2.54

VIPRE Antivirus
Trojan.Win32.Generic
20862

File size:
7.3 MB (7,703,432 bytes)

Product version:
2, 0, 2, 0

Copyright:
Copyright (C) 2010

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

Digital Signature
Signed by:
Tages SAS

Authority:
GlobalSign nv-sa

Valid from:
9/28/2010 6:50:46 AM

Valid to:
9/28/2012 6:50:40 AM

Subject:
E=info@solidshield.com, CN=Tages SAS, O=Tages SAS, L=Cannes La Bocca, S=Alpes-Cote d Azur, C=FR

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012B58440C09

File PE Metadata
OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:uV2aq0DBTXVA9CYS6o4nfAbqsIGXKbXl58/3i:ufzDBjVA5nfHH8a

Entry address:
0x548059

Entry point:
9C, 60, E8, 00, 00, 00, 00, 58, 89, C7, 57, 81, EF, 60, 00, 00, 00, 8B, 77, 20, 2D, 60, 80, 54, 00, 01, C6, 8B, 36, 56, 8B, 37, 01, C6, 8B, 36, 56, 89, F9, 81, C1, 28, 00, 00, 00, 51, 6A, 00, 55, 89, E5, 83, EC, 18, 89, 5D, E8, 89, 75, EC, 89, 7D, F0, 8B, 5D, 08, 8B, 45, 0C, 8B, 55, 10, 89, 45, F4, 89, D6, 8D, 45, FC, 50, 6A, 40, 6A, 10, 53, 8B, 45, F4, FF, D0, 89, DF, 6A, 04, 68, 00, 30, 00, 00, 68, 00, 20, 00, 00, 6A, 00, 89, F0, FF, D0, BA, 00, 00, 00, 00, 89, 07, 89, 57, 04, 83, C7, 08, 6A, 40, 68, 00...
 
[+]

Entropy:
7.4694

Code size:
2.3 MB (2,456,064 bytes)

Scan Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.