home

tempo_setup.exe

CyberInstaller Suite

SilverCyberTech

This is a self-extracting archive and installer. The file has been seen being downloaded from www.webalice.it.
Publisher:
SilverCyberTech

Product:
CyberInstaller Suite

Description:
Extractor for CyberInstaller packages

Version:
4.0.0.367

MD5:
60d438b5f6d0b86a25c4198ba0f12e19

SHA-1:
360ab2fe1d51c5f242ff4bf0c16b90bfaa639776

SHA-256:
995bd68315d8ac9cfc94f3c23f45b60a28868f6f0c9d4d81f15d2a66370055e8

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
5/4/2024 1:19:57 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.Flg!1.66BE
23.00.65.15524

Trend Micro House Call
Suspicious_GEN.F47V0415
7.2.146

File size:
4.3 MB (4,538,960 bytes)

Product version:
2008 1.0

Copyright:
Copyright 2007-2008 © by SilverCyberTech

Trademarks:
SilverCyberTech of Pappalardo Sergio

Original file name:
CyberExtractor

File type:
Executable application (Win32 EXE)

Language:
Italian (Italy)

Common path:
C:\users\{user}\downloads\tempo_setup.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:VqoMCi18VdKgQ0b9T06WBPJNwGmwlTEKeKC9ULTiGFa8:VPC18V4W06EPjwylTEKedotFa8

Entry address:
0xEA410

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 4C, 84, 4E, 00, E8, 63, D0, F1, FF, 8B, 1D, 90, 1B, 4F, 00, A1, 64, 1C, 4F, 00, 33, D2, 89, 10, B2, 01, A1, 5C, CF, 4D, 00, E8, 68, 3A, FF, FF, 8B, 15, 64, 1C, 4F, 00, 89, 02, 33, C0, 55, 68, 29, A5, 4E, 00, 64, FF, 30, 64, 89, 20, A1, 64, 1C, 4F, 00, 8B, 00, 8B, 40, 0C, E8, 33, 30, FF, FF, A1, 64, 1C, 4F, 00, 8B, 00, 8B, 40, 10, E8, E8, 38, FF, FF, 8B, 03, E8, D1, 22, F8, FF, 8B, 03, BA, 40, A5, 4E, 00, E8, 45, 1D, F8, FF, 8B, 0D, 40, 19, 4F, 00, 8B, 03, 8B, 15, E8, 78, 4D...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
931.5 KB (953,856 bytes)

The file tempo_setup.exe has been seen being distributed by the following URL.

http://www.webalice.it/.../tempo_setup.exe

Scan tempo_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.