» setup.exe
Overview
Analysis
File Details

setup.exe

The executable setup.exe has been detected as malware by 22 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source.

File name:

setup.exe

MD5:

369eb4cdecfa92bdfc00d578b199f7a6

SHA-1:

13fba76ef5c159dd8492084258b6a241f1ebdd3a

SHA-256:

dd945ef045b69511d8f490f6abee7c787ab37b1b2026b190d0306a81e99d3827

Scanner detections:

22 / 68

Status:

Malware

Analysis date:

4/30/2024 9:05:13 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Win32/Almanahe.worm.38400

5.0.

Avira AntiVirus

TR/VB.aux

7.9.1.108

Emsisoft A-Squared

W32.Alman!IK

4.5.0.43

avast!

Win32:Small-MIJ

2014.9-170314

AVG

Win32/Alman

2018.0.2440

Bitdefender

Win32.Almanahe.B

1.0.20.365

Comodo Security

Virus.Win32.Almanahe._0

3103

Dr.Web

Win32.Alman

9.0.1.073

F-Prot

W32/Heuristic-210

v6.4.5.1.85

F-Secure

Win32.Almanahe.B

11.2017-14-03_3

G Data

Win32.Almanahe

17.3.19

IKARUS anti.virus

W32.Alman

t3scan.1.1.74.0

Kaspersky

Trojan-Dropper.Win32.Agent

14.0.0.-1306

McAfee

W32/Almanahe

5600.6096

Microsoft Security Essentials

Trojan:Win32/Almanahe.B.dll

1.163.1557.0

Norman

W32/Agent.CYLO.dropper

11.20170314

Panda Antivirus

Suspicious file

17.03.14.04

Quick Heal

Win32.Trojan-Dropper.Agent.dlo

3.17.10.00

Rising Antivirus

Trojan.Win32.Undef.kup

23.00.65.17312

Sophos

W32/Alman-F

4.48

Trend Micro

TROJ_CORELINK.D

10.465.14

Vba32 AntiVirus

Trojan-Dropper.Win32.Small.axz

3.12.12.0

File size:

37.5 KB (38,400 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

4/15/2007 1:37:43 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

Entry address:

0x1A00

Entry point:

EB, 0F, 5B, B9, 50, 00, 00, 00, 4B, 80, 34, 0B, DE, E2, FA, EB, 05, E8, EC, FF, FF, FF, 36, C2, DE, DE, DE, 65, F6, CE, DE, DE, DD, 06, 67, DE, D6, DE, DE, 95, 64, 7E, C9, DE, DE, DD, 0E, 8C, 5E, EA, D5, 99, 3C, 24, 1D, 8D, 36, DE, DE, DE, DE, 86, F3, F9, CE, 9E, DE, 65, F9, CE, 9E, DE, DD, 06, 95, B8, ED, 05, B8, 5F, E5, 93, 84, AB, 2B, 55, 2D, DD, AD, E2, 5F, E0, 8E, 9B, DE, DE, AB, 36, 55, 1D, 85, 1D, 9A, 68, 81, 04, 60, 00, 00, 00, 00, 08, 16, 40, FE, FD, 2F, 40, E0, 2E, 80, 16, 40, 00, 00, 8D, 80, 47... 
[+]

Entropy:

7.8105 (probably packed)

Code size:

2.5 KB (2,560 bytes)

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.