home

setupbridge.exe

Bridge From Special K Install Program

This is a setup and installation application. The file has been seen being downloaded from bridge-card-game-from-special-k.en.softonic.com and multiple other hosts.
Product:
Bridge From Special K Install Program

Version:
2, 0, 0, 34

MD5:
a858732ce72ed10d8649b3d330d431f4

SHA-1:
1825c3f208497c7af8acb718f2f15c2cb2f56f55

SHA-256:
b75bb4a3910fb47b225b3d4b2006a238a7ebdd891cf2e105cc00273971b39347

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/29/2024 2:12:46 AM UTC  (today)

Scan engine
Detection
Engine version

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.861

File size:
3.9 MB (4,077,457 bytes)

Product version:
2, 0, 0, 34

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\setupbridge.exe

File PE Metadata
Compilation timestamp:
7/22/2009 4:13:35 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:mTUbjW5wD838r8Dg2vOZCwdNehx4/eU9nGRwjokgoWh:mkjMG83fDCHeU0Kj5U

Entry address:
0x13B3C

Entry point:
55, 8B, EC, 6A, FF, 68, 98, 87, 41, 00, 68, 60, 68, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, A4, 80, 41, 00, 33, D2, 8A, D4, 89, 15, 80, F0, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 7C, F0, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 78, F0, 41, 00, C1, E8, 10, A3, 74, F0, 41, 00, 33, F6, 56, E8, BB, 03, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, FD, 2A, 00, 00, FF, 15, 10, 81, 41, 00, A3, 8C, F5, 41, 00, E8...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
92 KB (94,208 bytes)

The file setupbridge.exe has been seen being distributed by the following 2 URLs.

http://bridge-card-game-from-special-k.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPUU9aRSUDg 7v0hqvPNHkQ /Sm GK2tvkuj2NRBh8vkYcvYedg0OJQepEMZFUOlcsRlBXAjfz/.../g9JqJbixS2rQFe lmPLzhEd5pt1Z6 BDfeAaMwnt2v0U=

http://www.specialksoftware.com/setupbridge.exe

Scan setupbridge.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.