» setup.exe
Overview
Analysis
File Details
Downloads (1)

setup.exe

Smart Secure Software S.l.

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application setup.exe by Smart Secure Software S.l has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. The file has been seen being downloaded from javdownloaderx.com.

File name:

setup.exe

Publisher:

Smart Secure Software S.l. (signed and verified)

MD5:

1ab6a43d260252761d16d4f5e15004d3

SHA-1:

f31385a84f5c9245e86935aba57b629b0aec3b4d

SHA-256:

3a155bc6d0912c99c83c90b8ffa0b2c2efa069a0278c2f30d674240854dca4da

Scanner detections:

22 / 68

Status:

Adware

Description:

This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:

5/28/2024 1:10:27 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.168670

6450970

AhnLab V3 Security

PUP/Win32.SoftPulse

2015.02.22

Avira AntiVirus

PUA/Softpulse.Gen2

7.11.211.248

avast!

Win32:SoftPulse-EY [PUP]

150101-1

AVG

Generic6

2016.0.3191

Bitdefender

Gen:Variant.Adware.Graftor.168670

1.0.20.265

Clam AntiVirus

Win.Adware.Softpulse-101

0.98/20089

Comodo Security

Application.Win32.SoftPulse.D

21168

Dr.Web

Trojan.DownLoader12.20690

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.168670

9.0.0.4799

ESET NOD32

Win32/Adware.Sambamedia.A application

7.0.302.0

F-Secure

Gen:Variant.Adware.Graftor.168670

11.2015-22-02_1

G Data

Gen:Variant.Adware.Graftor.168670

15.2.25

IKARUS anti.virus

not-a-virus:Downloader.DriverUpd

t3scan.1.8.6.0

K7 AntiVirus

Unwanted-Program

13.197.15043

Malwarebytes

PUP.Optional.SoftPulse.gen

v2015.02.22.02

McAfee

Program.SoftPulse

16.8.708.2

MicroWorld eScan

Gen:Variant.Adware.Graftor.168670

16.0.0.159

NANO AntiVirus

Riskware.Win32.SoftPulse.dneycs

0.30.0.296

Reason Heuristics

PUP.Installer.Softpulse

15.2.22.1

VIPRE Antivirus

Threat.4150696

37588

Zillya! Antivirus

Adware.Sambamedia.Win32.1

2.0.0.2077

File size:

1 MB (1,088,680 bytes)

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Softpulse SoftwareBundler

Common path:

C:\users\{user}\downloads\setup.exe

Digital Signature

Signed by:

Smart Secure Software S.l.

Authority:

COMODO CA Limited

Valid from:

12/14/2014 7:00:00 PM

Valid to:

12/15/2015 6:59:59 PM

Subject:

CN=Smart Secure Software S.l., O=Smart Secure Software S.l., STREET=El Pozo 17B, L=Adeje, S=Santa Cruz de Tenerife, PostalCode=38680, C=ES

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

3FE11492275B337C9F032D96A4574137

File PE Metadata

Compilation timestamp:

1/27/2015 11:59:27 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:JJGR1dbA6lWvlNKlrkv7FWPR2uQSkBmDJvq+STn2BKL6HcuE:JuZA68tw9kvyR5QSh7ST2EL68l

Entry address:

0x13DEF0

Entry point:

60, BE, 00, F0, 43, 00, 8D, BE, 00, 20, FC, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 04, BA, 13, 00, 57, 83, C3, 04, 53, 68, E8, EE, 0F, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Code size:

1024 KB (1,048,576 bytes)

The file setup.exe has been seen being distributed by the following URL.

http://javdownloaderx.com/.../out.php?sxid=s3ei5k249304

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.