home

winsetupfromusb-1-6-beta1.exe

7-Zip

Igor Pavlov

The program is a setup application that uses the 7z Setup installer. The file has been seen being downloaded from www.winsetupfromusb.com.
Publisher:
Igor Pavlov

Product:
7-Zip

Description:
7z SFX

Version:
9.32 alpha

MD5:
7efa719d1107c8265973ff913d08be80

SHA-1:
35679d9d232fc2f27120c9b61dbae03407fe4348

SHA-256:
cbe39ecd53a4b547d3fe251c0d0f937b2a84ecf1a083ff95c0b08b179aacabbb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 4:02:05 AM UTC  (today)

File size:
12.4 MB (12,977,296 bytes)

Product version:
9.32 alpha

Copyright:
Copyright (c) 1999-2013 Igor Pavlov

Original file name:
7z.sfx.exe

File type:
Executable application (Win32 EXE)

Installer:
7z Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\winsetupfromusb-1-6-beta1.exe

File PE Metadata
Compilation timestamp:
12/1/2013 10:16:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:XVSo0aEsRp24ITm1QXDTuiPFpwqIfMbKk4oUFx2hyyq+gnoXWdnyuY8wZJE4bTj7:XVSorLaXJNOqIfFdis4uoXMndUJ3bj

Entry address:
0x2203A

Entry point:
8A, E3, F7, C3, 05, 41, 7B, 4F, 18, C2, FF, C5, 81, C8, DC, 1A, A0, A7, F2, 87, F6, F6, C0, D8, 4A, 85, CE, 88, FE, C6, C6, 1C, 89, F6, 19, DE, 89, D7, 89, EF, 33, FA, 3B, F3, 52, 8D, 3D, BF, 06, A7, F9, 5A, 8B, F0, 47, F2, 8D, 0A, 81, EE, D9, 60, 27, BE, 81, C7, CB, 1A, 86, 51, 80, D2, AA, 69, D2, D5, 79, 2E, DB, 51, 81, FE, 04, 46, 00, 00, 70, 0A, 69, FE, C1, B0, 57, 25, FF, CF, FE, C6, 5B, 33, FD, 69, F7, 1A, 20, FC, D5, 8D, 35, E2, D0, 88, 9A, 8D, 15, 1B, B0, 25, 4D, 8B, C3, F3, 8A, F0, F3, 2B, E8, 85...
 
[+]

Entropy:
7.9988  (probably packed)

Code size:
142.5 KB (145,920 bytes)

The file winsetupfromusb-1-6-beta1.exe has been seen being distributed by the following URL.

http://www.winsetupfromusb.com/download/.../

Scan winsetupfromusb-1-6-beta1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.