» setup.exe
Overview
Analysis
File Details

setup.exe

The application setup.exe has been detected as a potentially unwanted program by 24 anti-malware scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source.

File name:

setup.exe

MD5:

fac27c81e54917501cd5d21b3ea345ca

SHA-1:

901dabcf94f94f182dc0e24fc7d1e579de9ca6bf

SHA-256:

8052c68625196d9830a6069f686a04f6b07b6fb36ab9fbc9fc9350e45782fa08

Scanner detections:

24 / 68

Status:

Potentially unwanted

Analysis date:

4/28/2024 5:12:14 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Dealply.4

-40

Agnitum Outpost

PUA.DealPly

7.1.1

AhnLab V3 Security

PUP/Win32.Dealply

2015.10.16

Avira AntiVirus

ADWARE/DealPly.A.22453

8.3.2.2

Arcabit

Trojan.Adware.Dealply.4

1.0.0.582

avast!

Win32:Adware-gen [Adw]

2014.9-170315

AVG

DealApp

2018.0.2438

Baidu Antivirus

PUA.Win32.DealPly

4.0.3.17315

Bitdefender

Gen:Variant.Adware.Dealply.4

1.0.20.370

Comodo Security

ApplicUnwnt.Win32.DealPly.b

23419

Emsisoft Anti-Malware

Gen:Variant.Adware.Dealply

8.17.03.15.11

ESET NOD32

Win32/DealPly.BD potentially unwanted (variant)

11.12412

F-Prot

W32/Graftor.CB.gen

v6.4.7.1.166

F-Secure

Gen:Variant.Adware.Dealply

11.2017-15-03_4

G Data

Gen:Variant.Adware.Dealply

17.3.25

K7 AntiVirus

Adware

13.210.17544

Malwarebytes

PUP.Optional.DealPly

v2017.03.15.11

McAfee

Artemis!FAC27C81E549

5600.6094

MicroWorld eScan

Gen:Variant.Adware.Dealply.4

18.0.0.222

NANO AntiVirus

Riskware.Win32.DealPly.durypc

0.30.26.3947

Reason Heuristics

PUP.NewMedia.ICDP (M)

17.3.15.23

Rising Antivirus

PE:Malware.RDM.40!5.2E[F1]

23.00.65.17313

SUPERAntiSpyware

Adware.DealPly/Variant

8533

Trend Micro

TROJ_GEN.R00XC0OJ115

10.465.15

File size:

440 KB (450,560 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x5F8A8

Entry point:

55, 8B, EC, 83, C4, EC, 33, C0, 89, 45, EC, B8, 10, F7, 45, 00, E8, 67, 75, FA, FF, 33, C0, 55, 68, A8, F9, 45, 00, 64, FF, 30, 64, 89, 20, E8, 24, 31, FA, FF, 85, C0, 0F, 85, 9E, 00, 00, 00, 6A, 00, 68, B6, 02, 00, 00, E8, 78, 6F, FA, FF, 83, C4, 08, D8, 1D, B4, F9, 45, 00, DF, E0, 9E, 0F, 84, 80, 00, 00, 00, 8D, 45, EC, 50, B9, 0F, 00, 00, 00, BA, 01, 00, 00, 00, B8, C0, F9, 45, 00, E8, D2, 54, FA, FF, 8B, 45, EC, BA, D8, F9, 45, 00, E8, B1, 53, FA, FF, 74, 59, DB, 2D, EC, F9, 45, 00, E8, E4, 31, FA, FF... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

379 KB (388,096 bytes)

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.