» setup.exe
Overview
Analysis
File Details

setup.exe

The application setup.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.

File name:

setup.exe

MD5:

08812c8de50cfe9eeea4e5fffd0f6536

SHA-1:

f6726a67185c65747e173194f0ac65d771d1159b

SHA-256:

8e8d30f9f7c21e8cc5ce1b01dd83727fac57a69d412c470df8a2859a486ad50e

Scanner detections:

21 / 68

Status:

Potentially unwanted

Analysis date:

4/27/2024 4:02:42 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.60

431

Avira AntiVirus

TR/Agent.379392.1469

8.3.2.4

Arcabit

Trojan.Application.Bundler.60

1.0.0.624

avast!

Win32:Malware-gen

2014.9-151201

AVG

DealApp

2016.0.2909

Baidu Antivirus

PUA.Win32.DealPly

4.0.3.15121

Bitdefender

Gen:Variant.Application.Bundler.60

1.0.20.1675

ESET NOD32

Win32/DealPly.BX potentially unwanted (variant)

9.12644

F-Secure

Gen:Variant.Application.Bundler

11.2015-01-12_3

G Data

Gen:Variant.Application.Bundler.60

15.12.25

IKARUS anti.virus

Trojan.Agent

t3scan.1.9.5.0

K7 AntiVirus

Adware

13.212.17998

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.1214

McAfee

RDN/Generic.hra

5600.6565

MicroWorld eScan

Gen:Variant.Application.Bundler.60

16.0.0.1005

NANO AntiVirus

Trojan.Win32.Agent.dymbzz

0.30.26.4751

Panda Antivirus

Trj/GdSda.A

15.12.01.07

Qihoo 360 Security

HEUR/QVM05.1.Malware.Gen

1.0.0.1077

Sophos

Generic PUA PG (PUA)

4.98

Trend Micro

TROJ_GEN.R02KC0OKE15

10.465.01

VIPRE Antivirus

Trojan.Win32.Generic

45510

File size:

370.5 KB (379,392 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

File PE Metadata

Compilation timestamp:

6/19/1992 5:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:Bp3Wo+wagUssVTg5qbqE/KZnoyyMtfGCLbbwHYDTrLAd6Utcuw71vjPVoWwr7S//:vWFw2socq5KZnvTPAdTu7JPVoWw6//

Entry address:

0x546C4

Entry point:

55, 8B, EC, B9, 05, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, B8, 5C, 46, 45, 00, E8, AF, FB, FA, FF, 33, C0, 55, 68, 5B, 48, 45, 00, 64, FF, 30, 64, 89, 20, E8, EC, DF, FA, FF, 85, C0, 0F, 85, EB, 00, 00, 00, DB, 2D, 68, 48, 45, 00, E8, 39, E0, FA, FF, D8, 1D, 74, 48, 45, 00, DF, E0, 9E, 0F, 84, D1, 00, 00, 00, DB, 2D, 78, 48, 45, 00, D9, FA, D8, 1D, 84, 48, 45, 00, DF, E0, 9E, 0F, 84, BA, 00, 00, 00, DB, 2D, 88, 48, 45, 00, E8, 30, E0, FA, FF, D8, 1D, 94, 48, 45, 00, DF, E0, 9E, 0F, 84, A0, 00, 00, 00, DB... 
[+]

Entropy:

5.0628

Developed / compiled with:

Microsoft Visual C++

Code size:

334.5 KB (342,528 bytes)

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.