home

setup_ms.exe

Домашний медиа сервер (UPnP)

Evgeny Lachinov

This is a setup program which is used to install the application. The file has been seen being downloaded from relizua.com and multiple other hosts.
Publisher:
Evgeny Lachinov  (signed and verified)

Product:
Домашний медиа сервер (UPnP)

Description:
Модуль распаковки дистрибутива Домашний медиа сервер (UPnP)

Version:
1.20.0.0

MD5:
28a5c4a8a40c2398ab3ce4b436a167ec

SHA-1:
269890e867213d295445aca4da1e01ebc0ba037a

SHA-256:
04ab2328902e381ea7ba7cf2492752054f3ab8f394bae74651fb4d29c4176c6a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/30/2024 4:34:05 AM UTC  (today)

File size:
28.2 MB (29,542,096 bytes)

Product version:
1.20

Copyright:
Copyright (C) Evgeny Lachinov,2008-2011

Original file name:
SETUPSFX.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup_ms.exe

Digital Signature
Signed by:
Evgeny Lachinov

Authority:
StartCom Ltd.

Valid from:
4/10/2014 10:16:34 AM

Valid to:
4/10/2016 5:15:46 AM

Subject:
E=eugene@wildmediaserver.com, CN=Evgeny Lachinov, L=Saint-Petersburg, S=Saint Petersburg City, C=RU, Description=hybpw73e38z5P2S4

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0DAD

File PE Metadata
Compilation timestamp:
8/20/2011 9:35:07 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:SdCigGvLa6UR1fnOBYC4b3fSWSJCOGgl+ZDssMTau:IbLadR1fn0YdtSJCOGjBs9Gu

Entry address:
0x3392C

Entry point:
55, 8B, EC, 83, C4, EC, 53, 56, 57, 33, C0, 89, 45, EC, B8, 98, 29, 43, 00, E8, 24, 30, FD, FF, 33, C0, 55, 68, 10, 3A, 43, 00, 64, FF, 30, 64, 89, 20, 6A, 00, E8, 87, 3E, FE, FF, A9, 00, 00, 00, 80, 0F, 94, C0, A2, 50, B3, 43, 00, 33, C0, 55, 68, F3, 39, 43, 00, 64, FF, 30, 64, 89, 20, B0, 01, E8, 5D, C4, FE, FF, 84, C0, 74, 58, 33, C0, 55, 68, 9E, 39, 43, 00, 64, FF, 30, 64, 89, 20, 33, C0, E8, 90, EF, FF, FF, 33, C0, 5A, 59, 59, 64, 89, 10, EB, 39, E9, 75, 06, FD, FF, 01, 00, 00, 00, 34, 95, 40, 00, AF...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
202 KB (206,848 bytes)

The file setup_ms.exe has been seen being distributed by the following 2 URLs.

http://relizua.com/.../go.php?url=aHR0cDovL3d3dy5ob21lbWVkaWFzZXJ2ZXIucnUvZmlsZXMvMTQ5L3NldHVwX21zLmV4ZQ==

https://www.homemediaserver.ru/files/.../setup_ms.exe

Scan setup_ms.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.