home

vpsetup.exe

optikVerve Labs

The program is a setup application that uses the Inno Setup installer. This is installed with multiple programs including virtualPhotographer 1.5.6. The file has been seen being downloaded from dl.cdn.chip.de and multiple other hosts.
Publisher:
optikVerve Labs

Description:
virtualPhotographer Setup

MD5:
6247d99001b105a227327b4f3c31f792

SHA-1:
a6278fdf8d23308a58eb540e1f06dddc863a0c63

SHA-256:
cec1360822a36e61659bedfc06017b0372fa6a903a71f1bd56285e2b60986bd3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 3:51:44 AM UTC  (today)

File size:
644 KB (659,480 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\vpsetup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:EmkOyMJfsGgqLFr2fmWYMzpiGgeYbcVfp361+qMuhVjFQN5WLqPP/huErwmIfYTb:EfOyMJfsABaeMXgTbYnfuVjWN5yArDd/

Entry address:
0x98CC

Entry point:
55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, FA, 97, FF, FF, E8, 01, AA, FF, FF, E8, 2C, CC, FF, FF, E8, 73, CC, FF, FF, E8, 0A, F3, FF, FF, E8, 71, F4, FF, FF, 33, C0, 55, 68, 76, 9F, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 2C, 9F, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 26, FA, FF, FF, 8D, 55, F0, 33, C0, E8, E0, D0, FF, FF, 8B, 55, F0, B8, D8, BD, 40, 00, E8, AB, 98, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D8, BD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9634

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36 KB (36,864 bytes)

The file vpsetup.exe has been discovered within the following programs.

Harry's Filters 3.01  by The Plugin Site
www.thepluginsite.com
About 1% of users remove it
virtualPhotographer 1.5.6  by optikVerve Labs
www.optikvervelabs.com
About 6% of users remove it
 
Powered by Should I Remove It?

The file vpsetup.exe has been seen being distributed by the following 9 URLs.

http://dl.cdn.chip.de/downloads/.../vPsetup156.exe

http://software-files-a.cnet.com/s/software/.../01/78/.../vPsetup.exe

http://gsf-cf.softonic.com/a62/78f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=46578&instance=softonic_en&type=PROGRAM&Expires=1451466058&Signature=QlJcfjOeulPntUuQFeffBjxtww0m~IEt0xnY0uhRlgxdHDt0NwGPhZ9TiX2tihCxpF8RqD0a77ajSO77YB6qwcEavvJxa2yTehGrxEB64INE-i4BZ1e1BGn-sak~CaOmn3gGselWMdZ8ouAJDJ7q6ZdHSpCZW4T0JRACcVw0eBs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=vPsetup.exe

http://gsf-cf.softonic.com/a62/78f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=46578&instance=softonic_en&type=PROGRAM&Expires=1463215188&Signature=DcPAI1ibDxeVjkrv59K4h98ke6yVkUd86KltT4DyYDZdh1H5cOn-3byfqH48WjiqfGUnUXuh9Dd6l8El9quL917V8hx8P6qct5xieAlIcYsOTRD6qkcR1GmryU8d6hpbmxAX0FUJL-AXOHHIhAbM~EPimgxCIFn1jfZqMtw4zF0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=vPsetup.exe

http://virtualphotographer-plug-in.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPm/eURI0r2 Z1Ex4HTkguiuZyHJud643DM7EmpZq9imUEbCtjCgxiZmhgD00qSY68 /9WjtTwu4HRlAcLNKMnyBqDEBDTEPkcFCmcBXwl4am7w8rDxKDR/.../V1wmo6SU=

http://files.downloadnow.com/s/software/.../01/78/.../vPsetup.exe

http://www10.magnus.de/.../download.php?token=5e92453b-04fc-11e3-b002-90b11c4b3bfb

http://www.optikvervelabs.com/.../vPsetup.exe

http://files.snapfiles.com/.../vPsetup.exe

Scan vpsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.