home

setup_b.exe

BR SOFTWARE LLC

The application setup_b.exe, “Acelerador de Downloads Setup ” by BR SOFTWARE has been detected as adware by 16 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. This will display context specific advertisements in the browser as well as attempt to modify the browser's search provider. It is also typically executed from the user's temporary directory.
Publisher:
Acelerador de Downloads   (signed by BR SOFTWARE LLC)

Product:
Acelerador de Downloads

Description:
Acelerador de Downloads Setup

MD5:
8857d74d5c7e9b1818d1bd833b9471e4

SHA-1:
73d40edabf00e72e64f78a2f10957e4c40da7dcc

SHA-256:
7f50da512634ac5482dfa330ecf52114520bbe47e2ea245b88b7c1db9c1e1945

Scanner detections:
16 / 68

Status:
Adware

Explanation:
The installer may include an offer for the Babylon Toolbar (a homepage/search hijacker), which is potentially installed with minimal user consent.

Analysis date:
5/4/2025 2:58:06 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/InstallCo.TG
7.11.97.32

avast!
Win32:Downloader-RPH [Adw]
2014.9-141222

Bitdefender
Application.Generic.513490
1.0.20.1780

Comodo Security
ApplicUnwnt
16785

Dr.Web
Adware.Shopper.328
9.0.1.0356

Emsisoft Anti-Malware
Application.Generic.513490
8.14.12.22.07

ESET NOD32
Win32/Toolbar.Babylon (variant)
8.8699

F-Secure
Application.Generic.513490
11.2014-22-12_2

G Data
Application.Generic.513490
14.12.22

IKARUS anti.virus
BHO.Win32.DealPly
t3scan.2.0.127

Malwarebytes
Adware.Bundler
v2014.12.22.07

McAfee
Artemis!8857D74D5C7E
5600.6908

MicroWorld eScan
Application.Generic.513490
15.0.0.1068

Reason Heuristics
PUP.Installer.BRSOFTWARE.H
14.12.22.19

Sophos
Generic PUA HD
4.91

Trend Micro House Call
TROJ_GEN.RC9H1LG
7.2.356

File size:
2.1 MB (2,188,176 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\setup_b.exe

Digital Signature
Signed by:
BR SOFTWARE LLC

Authority:
GlobalSign nv-sa

Valid from:
11/14/2012 7:19:04 PM

Valid to:
6/9/2015 3:58:43 PM

Subject:
CN=BR SOFTWARE LLC, O=BR SOFTWARE LLC, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121DB1AC4833A03A1E0236635267598B169

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:yqmiWKsNEjmnjW4CCnqVbiURS9kMr4D6BOvkD5p2we2:3nWK6rjW4Cn9RSnra6BOvk9

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, BF, A9, FF, FF, E8, 5E, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

Remove setup_b.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.