setup.exe

Giveaway of the Day

Softdeluxe Ltd.

The application setup.exe by Softdeluxe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This file is typically installed with the program ScanPapyrus by BlackParrot Software. While running, it connects to the Internet address giveawayoftheday.com on port 443.
Publisher:
giveawayoftheday.com  (signed by Softdeluxe Ltd.)

Product:
Giveaway of the Day

Version:
2.0.2.26

MD5:
f3e55ecda1f943d1ca50e6c548f5588f

SHA-1:
c7e4f1a9cd24d9c524a100b533c241036efbaf8d

SHA-256:
3c8ead2b2419fca357de9ad735b1ab916512b15040f82b66cb5223415f87fbb3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 11:50:54 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Softdeluxe.giveaway.Installer.Meta (M)

Engine version:
16.6.10.13

File size:
2.5 MB (2,585,720 bytes)

Product version:
2.0.2.0

Copyright:
Copyright (C) giveawayoftheday.com, 2006-2015

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\installers\icecreampdfsplitmergepro203-lpi7a2\setup.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/12/2013 3:00:00 AM

Valid to:
8/12/2016 2:59:59 AM

Subject:
CN=Softdeluxe Ltd., O=Softdeluxe Ltd., STREET="Universitetskaya St., 19", L=Dubna, S=Moscow region, PostalCode=141980, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2E75CC2B1043779E577FAA449BCE00A4

File PE Metadata
Compilation timestamp:
4/7/2015 1:36:26 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:vogzxWuhBeXfzBzZLT7OEAlzqb/s8dEtAESmoHxANphkmJ:voWTeXVzUEAMTs8dLEoHoph3J

Entry address:
0x5FB000

Entry point:
EB, 08, 0F, 36, 27, 00, 00, 00, 00, 00, E9, 00, 20, 00, 00, 54, 41, 47, 47, 00, 20, 00, 00, 4B, 15, 00, 00, 01, 00, 30, 82, 15, 47, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 15, 38, 30, 82, 15, 34, 02, 01, 01, 31, 09, 30, 07, 06, 05, 2B, 0E, 03, 02, 1A, 30, 82, 09, 4D, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 01, A0, 82, 09, 3E, 04, 82, 09, 3A, D0, 00, 01, 00, 01, C1, B1, A1, 02, 00, 03, 00, 02, 00, 00, 00, 26, 00, 00, 00, 01, 00, 33, 7C, FE, 57, 5C, FC, 03, E0, E4, B2, C6, 81, 3D, 01, 91, A0, C6...
 

Entropy:
7.9697  (probably packed)

Code size:
1.4 MB (1,496,576 bytes)

The file setup.exe has been discovered within the following program.

ScanPapyrus  by BlackParrot Software
scanpapyrus.com
About 1% of users remove it
 

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP SSL):
Connects to giveawayoftheday.com  (204.155.149.200:443)
