setup.exe

Overall Media, Inc.

This adware bundler is distributed through Adknowledge's advertising-supported software managers. The application setup.exe, “Prime Installer” by Overall Media, has been detected as adware by 34 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. It installs potentially unwanted software on your PC alongside the software you are trying to install, without adequate consent.

Publisher:
Prime Installer (signed by Overall Media, Inc.)

Product:
Prime Installer

Description:
Prime Installer

Version:
3.5.9.2

MD5:
f348bfeec25c3185bdcf2f9d25d4eb9a

SHA-1:
fa441059be41429c4f6aba907cfaaab896b62762

SHA-256:
fa406f0f8b3c7f751223465753534403071a3ddfc67d5b5432da81900aeab582

Scanner detections:
34 / 68

Status:
Adware

Explanation:
This installer bundles various adware programs that may include toolbars and web browser advertising injectors/extensions.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/16/2024 8:33:34 PM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Adware.IBryte.BK | 378 |
| Agnitum Outpost | PUA.iBryte | 7.1.1 |
| AhnLab V3 Security | | 2015.03.14 |
| Avira AntiVirus | Adware/iBryte.bxpj | 7.11.217.28 |
| avast! | Win32:IBryte-KG [PUP] | 2014.9-160122 |
| AVG | Adware AdPlugin | 2017.0.2856 |
| Bitdefender | Application.Bundler.OptimumInstaller.Z | 1.0.20.110 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Clam AntiVirus | Win.Trojan.Agent-847729 | 0.98/20194 |
| Comodo Security | Application.Win32.iBryte.BYK | 21402 |
| Dr.Web | Trojan.DownLoader12.15328 | 9.0.1.022 |
| Emsisoft Anti-Malware | Adware.IBryte.BK | 8.16.01.22.12 |
| ESET NOD32 | Win32/Adware.iBryte.BY application | 10.7.0.302.0 |
| Fortinet FortiGate | W32/Buzus.XLRR!tr | 1/22/2016 |
| F-Prot | W32/S-e4386d47 | v6.4.7.1.166 |
| F-Secure | Adware.IBryte.BK | 11.2016-22-01_6 |
| G Data | Application.Bundler.OptimumInstaller | 16.1.25 |
| IKARUS anti.virus | PUA.Bundler.OptimumInstaller | t3scan.1.8.6.0 |
| K7 AntiVirus | Unwanted-Program | 13.200.15259 |
| Kaspersky | not-a-virus:AdWare.Win32.iBryte | 14.0.0.777 |
| Malwarebytes | PUP.Optional.SwiftBrowse | v2016.01.22.12 |
| MicroWorld eScan | Gen:Variant.Zusy.122546 | 17.0.0.66 |
| NANO AntiVirus | Trojan.Win32.DownLoader12.dnihtg | 0.30.0.65070 |
| Norman | IBryte.URL | 11.20160122 |
| nProtect | Adware.Ibryte.BM | 15.02.03.01 |
| Panda Antivirus | Generic Suspicious | 16.01.22.12 |
| Quick Heal | Adware.iBryte.S4 | 1.16.14.00 |
| Reason Heuristics | PUP.Adknowledge.OverallMedia.Bundler (M) | 16.1.22.12 |
| Rising Antivirus | PE:Malware.iBryte!6.1C13 | 23.00.65.16120 |
| Sophos | PUA 'iBryte Optimum Installer' | 5.12 |
| Total Defense | Win32/Tnega.ULHRQbD | 37.0.11493 |
| Vba32 AntiVirus | | 3.12.26.3 |
| VIPRE Antivirus | Threat.4798837 | 36694 |
| Zillya! Antivirus | Adware.iBryte.Win32.7461 | 2.0.0.2098 |

File size:
420.8 KB (430,904 bytes)

Product version:
3.5.9.2

Copyright:
Copyright (C) Prime Installer

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
5/14/2014 7:00:00 PM

Valid to:
5/15/2015 6:59:59 PM

Subject:
CN="Overall Media, Inc.", O="Overall Media, Inc.", STREET=855 Village Center Drv, STREET="Suite #336", L=St. Paul, S=MN, PostalCode=55127, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
20CC4646E1A4400DB7FA2D15D1C8F1CB

File PE Metadata
Compilation timestamp:
2/7/2015 6:00:24 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:Wyr7k7uTe6HVB1VFgK82szxr5G4w1lo3p4:dhaCT1VFgKfGJhp54

Entry address:
0x1B8E3

Entry point:
E8, 14, A2, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, 68, 50, B9, 41, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 50, 27, 44, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, 50...
 

Entropy:
7.0829

Code size:
194 KB (198,656 bytes)
