» setupbatterycare.exe
Overview
Analysis
File Details
Downloads (24)

setupbatterycare.exe

BatteryCare

http://batterycare.net

The application setupbatterycare.exe, “BatteryCare Setup ” by http://batterycare.net has been detected as a potentially unwanted program by 2 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from soft.mydiv.net and multiple other hosts.

File name:

Publisher:

Filipe Lourenço (signed by http://batterycare.net)

Product:

BatteryCare

Description:

BatteryCare Setup

MD5:

86a5fccdde14074e0219f08a40339f4d

SHA-1:

2bfbc99d4f34bcef6e4214d8df85623c80f772b2

SHA-256:

f036d14330179a7f844ce14d8e2460ba2915763199c77945c0a1c544ce231636

Scanner detections:

2 / 68

Status:

Potentially unwanted

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:

5/3/2024 6:42:42 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/FusionCore.I potentially unwanted application

6.3.12010.0

Reason Heuristics

PUP.InstallCore (L)

16.11.30.11

File size:

2.1 MB (2,170,008 bytes)

Product version:

0.9.27.0

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\roaming\batterycare\updatefiles\setupbatterycare.exe

Digital Signature

Signed by:

http://batterycare.net

Authority:

http://batterycare.net

Valid from:

9/1/2014 5:35:37 PM

Valid to:

12/31/2039 6:59:59 PM

Subject:

CN=http://batterycare.net

Issuer:

CN=http://batterycare.net

Serial number:

03285AEE32785D8F45E6631BE4A89D29

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:la6bmGbF20ziK0wYR9NAkWkFWmSF9MULW+wKJVMzCR85bcR8uj:k6bmYAK0XR9NAQFA9pSqMzCR6cR8uj

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Entropy:

7.9493

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file setupbatterycare.exe has been seen being distributed by the following 24 URLs.

http://soft.mydiv.net/win/dlfilec90b7_310313/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfiled6e43_310313/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfile816db_310313/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfile3ba29_310311/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfile36e7f_310313/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfiled3111_310313/.../SetupBatteryCare.exe

https://downloader.disk.yandex.com/disk/75b10bfc9c5a9b50e4e294be589929964516cf3707ff1ec45cb37a9a6f13657c/583056e2/svGnl_L-M5s-Ur2cSvOxmsWyz3-aHrV3ofoLyUCtqBQqJmtN6TS33jtu0S7UoUjAxV7pZSLyjZKQEekhe-uglA==?uid=0&filename=SetupBatteryCare.exe&disposition=attachment&hash=dp7Aty8RZOr0XOu/.../x-msdownload&fsize=2170008&hid=71e86b183a96b3944a893d8035c01d9b&media_type=executable&tknv=v2

https://downloader.disk.yandex.com/disk/dd5c9aa7e6c7a8ed94b9aae19f8481c89e5c1922819581a19c9427f3bdf57c17/57ddef79/svGnl_L-M5s-Ur2cSvOxmsWyz3-aHrV3ofoLyUCtqBQqJmtN6TS33jtu0S7UoUjAxV7pZSLyjZKQEekhe-uglA==?uid=0&filename=SetupBatteryCare.exe&disposition=attachment&hash=dp7Aty8RZOr0XOu/.../x-msdownload&fsize=2170008&hid=71e86b183a96b3944a893d8035c01d9b&media_type=executable&tknv=v2

http://soft.mydiv.net/win/dlfile9f9b6_310311/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfile26837_310311/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfile7065a_310311/.../SetupBatteryCare.exe

http://www.softportal.com/getsoft-18905-batterycare-1.html

http://soft.mydiv.net/win/dlfile69974_310311/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfilef558b_310313/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfile3de21_310311/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfilefbb4f_310313/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfile7aa8f_310313/.../SetupBatteryCare.exe

https://downloader.disk.yandex.com/disk/98130bbadedb763b9820cf87402bfce4d8d7e4646b4cad54d353f5d40aa26e2e/5830daee/svGnl_L-M5s-Ur2cSvOxmsWyz3-aHrV3ofoLyUCtqBQqJmtN6TS33jtu0S7UoUjAxV7pZSLyjZKQEekhe-uglA==?uid=0&filename=SetupBatteryCare.exe&disposition=attachment&hash=dp7Aty8RZOr0XOu/.../x-msdownload&fsize=2170008&hid=71e86b183a96b3944a893d8035c01d9b&media_type=executable&tknv=v2

http://soft.mydiv.net/win/dlfile65e8b_310311/.../SetupBatteryCare.exe

https://downloader.disk.yandex.com/disk/592bdcbb2f114e38279bf49659715ec7d1b2ca3aec844d961998e2b61f0ce73e/580cca54/svGnl_L-M5s-Ur2cSvOxmsWyz3-aHrV3ofoLyUCtqBQqJmtN6TS33jtu0S7UoUjAxV7pZSLyjZKQEekhe-uglA==?uid=0&filename=SetupBatteryCare.exe&disposition=attachment&hash=dp7Aty8RZOr0XOu/.../x-msdownload&fsize=2170008&hid=71e86b183a96b3944a893d8035c01d9b&media_type=executable&tknv=v2

http://www.softportal.com/getsoft-18905-batterycare-3.html

http://soft.mydiv.net/win/dlfilea99c2_310313/.../SetupBatteryCare.exe

http://soft.mydiv.net/win/dlfile1cb0f_310313/.../SetupBatteryCare.exe

http://batterycare.net/.../SetupBatteryCare.exe

Remove setupbatterycare.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.