home

setup.exe

Upgrader

Landi Multimedia CR, s.r.o.

The executable setup.exe has been detected as malware by 9 anti-virus scanners. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
Microsoft  (signed by Landi Multimedia CR, s.r.o.)

Product:
Upgrader

Version:
1.00

MD5:
a1b282c07d872c545350983f7e3f80c6

SHA-1:
cfcccea36c8dd820ef876720e5f4b99960d55879

SHA-256:
9a4739a66ae8b57f39fa38604a394937d4f151047abfacc9601dc5c901edd5b5

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
4/26/2024 3:20:37 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Barys.442
5863612

Bitdefender
Gen:Variant.Barys.442
1.0.20.620

Emsisoft Anti-Malware
Gen:Variant.Barys.442
9.0.0.4799

F-Secure
Gen:Variant.Barys.442
5.13.68

G Data
Gen:Variant.Barys.442
15.5.24

McAfee
Trojan.Artemis!A1B282C07D87
16.8.708.2

MicroWorld eScan
Gen:Variant.Barys.442
16.0.0.372

Norman
Gen:Variant.Barys.442
03.12.2014 13:20:04

File size:
1 MB (1,089,368 bytes)

Product version:
1.00

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\setup.exe

Digital Signature
Signed by:
Landi Multimedia CR, s.r.o.

Authority:
DigiCert Inc

Valid from:
8/9/2011 2:00:00 AM

Valid to:
8/12/2014 2:00:00 PM

Subject:
CN="Landi Multimedia CR, s.r.o.", O="Landi Multimedia CR, s.r.o.", L=Prague 3, C=CZ

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
03D8B522DE16551BC32E8F321285896D

File PE Metadata
Compilation timestamp:
12/11/2013 8:55:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:O5TFMPBIjquNMqvH0QxRenhkPNeGoZ2lby7i7I53TcbO0kMM6AImzMT1F9ZTrPc5:QcMlnefK6J0nj7goyfEE

Entry address:
0x1A44

Entry point:
68, 04, 7B, 40, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, A5, C0, 37, 46, CB, 1D, 51, 4E, 9E, 19, B8, AE, 3F, 02, 47, 9B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 54, 65, 6D, 70, 44, 69, 55, 70, 67, 72, 61, 64, 65, 72, 00, 6D, 70, 44, 69, 72, 65, 63, 00, 6F, 72, 79, 20, 2B, 20, 22, 00, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 05, 00, 00, 00, 2B, 4C, 28, 69, 23, 14, 8D, 48, 93, FB, 09, EE, D3, 60, 10, 82, 01, 00, 00, 00, A0, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
1020 KB (1,044,480 bytes)

Remove setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.