home

1clextsetup.exe

The application 1clextsetup.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from files.download1click.ws.
MD5:
30e92931e81b01a1495cf39024e438a4

SHA-1:
7dde1ef7765982f60ed50b3b4f234b5d34c76b61

SHA-256:
b8ee6fc379bd6407e7b7b15bda653519fddffd54354c1a16b5230cf00b0ad4e3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
The installer bundles additional adware-type offers (ad-supported) that are displayed to the user during setup and typically installed by default. These include web browser ad-injectors.

Analysis date:
11/16/2024 9:32:24 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.OneClickDownloader (M)
16.7.7.15

File size:
598 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\1clickdownload\1clextsetup.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
12:2oQ4sx0sNCkZ24aI6/FpKT2gEyR24aI6/F624aI6/FRGT9b:Ebx9+w6ScyAw6Bw6jGT5

Entry point:
3C, 68, 74, 6D, 6C, 3E, 0A, 3C, 68, 65, 61, 64, 3E, 0A, 09, 3C, 74, 69, 74, 6C, 65, 3E, 57, 45, 42, 53, 49, 54, 45, 2E, 57, 53, 20, 2D, 20, 59, 6F, 75, 72, 20, 49, 6E, 74, 65, 72, 6E, 65, 74, 20, 41, 64, 64, 72, 65, 73, 73, 20, 46, 6F, 72, 20, 4C, 69, 66, 65, 26, 74, 72, 61, 64, 65, 3B, 3C, 2F, 74, 69, 74, 6C, 65, 3E, 0A, 3C, 2F, 68, 65, 61, 64, 3E, 0A, 3C, 66, 72, 61, 6D, 65, 73, 65, 74, 20, 72, 6F, 77, 73, 3D, 22, 31, 30, 30, 25, 2C, 2A, 22, 20, 62, 6F, 72, 64, 65, 72, 3D, 22, 30, 22, 20, 66, 72, 61, 6D...
 
[+]

The file 1clextsetup.exe has been seen being distributed by the following URL.

http://files.download1click.ws/MainPackFA2703.exe

Remove 1clextsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.