ActiveSetup.exe

AudibleManager 5.0.5

Audible Inc.

Publisher:
Audible Inc.  (signed and verified)

Product:
AudibleManager 5.0.5

Description:
ActiveSetup Module

Version:
5, 0, 0, 5

MD5:
f6e3b4d95ef73fe7ddf69a01ffc1125c

SHA-1:
c2058ef87dabc913415f94e24c7fb60356f6ef43

SHA-256:
36dd98d5f5d9653d7c2641447b1282bb918966bef84f689dfd711ca1cd02c932

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/27/2024 1:30:38 PM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Malware-Cryptor.FSP.gen
3.12.24.3

File size:
1.7 MB (1,730,272 bytes)

Product version:
5, 0, 0, 5

Copyright:
Copyright ® Audible, Inc. 1997-2008

Original file name:
ActiveSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\activesetup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/3/2011 7:00:00 PM

Valid to:
3/3/2013 6:59:59 PM

Subject:
CN=Audible Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=IT Software, O=Audible Inc., L=Newark, S=New Jersey, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7ADA09A3A4A56B21C454AEAB675A3D9E

File PE Metadata
Compilation timestamp:
7/9/2012 5:45:51 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:6vZgANeHoy1z/MPOo7KzveN2mO/P1kZciGoIClCivzyQhbTMQb:53kWoau24ZFGoHlZyu

Entry address:
0x68312

Entry point:
E8, 4F, 11, 01, 00, E9, 78, FE, FF, FF, 55, 8B, EC, 83, EC, 04, 89, 7D, FC, 8B, 7D, 08, 8B, 4D, 0C, C1, E9, 07, 66, 0F, EF, C0, EB, 08, 8D, A4, 24, 00, 00, 00, 00, 90, 66, 0F, 7F, 07, 66, 0F, 7F, 47, 10, 66, 0F, 7F, 47, 20, 66, 0F, 7F, 47, 30, 66, 0F, 7F, 47, 40, 66, 0F, 7F, 47, 50, 66, 0F, 7F, 47, 60, 66, 0F, 7F, 47, 70, 8D, BF, 80, 00, 00, 00, 49, 75, D0, 8B, 7D, FC, 8B, E5, 5D, C3, 55, 8B, EC, 83, EC, 10, 89, 7D, FC, 8B, 45, 08, 99, 8B, F8, 33, FA, 2B, FA, 83, E7, 0F, 33, FA, 2B, FA, 85, FF, 75, 3C, 8B...
 
[+]

Entropy:
5.9518

Code size:
552.5 KB (565,760 bytes)

The file ActiveSetup.exe has been discovered within the following programs.

µTorrent  by BitTorrent Inc.
µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version.
www.utorrent.com
12% remove it
provides the software and drivers required to connect the GoGear player to the PC in order to manage the data as well us upload and sync.
www.philips.com
About 1% of users remove it
Quicken 2013  by Intuit Inc.
Quicken is a personal finance management tool developed by Intuit, Inc.
www.intuit.com
11% remove it
www.Toolwiz.com
About 5% of users remove it
About 4% of users remove it
 
Powered by Should I Remove It?

The file ActiveSetup.exe has been seen being distributed by the following 8 URLs.

https://download.audible.com/.../ActiveSetupN.exe

Scan ActiveSetup.exe - Powered by Reason Core Security