home

axabis_pdasetup.exe

SetUp Application

This is a setup and installation application. The file has been seen being downloaded from axa-bis.com.sg.
Product:
SetUp Application

Description:
SetUp WCE MFC Application

Version:
1, 0, 0, 1

MD5:
40212cd401fd924a29173f1f4d7ec9c9

SHA-1:
714fb317ccade2dbad13167cff4c5cd586666b10

SHA-256:
42b94140e8a7096626261cd17ec8bdfc744e615bae9df38eae6724e570c3f7da

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 11:50:10 PM UTC  (a few moments ago)

File size:
3 MB (3,161,301 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 1999

Original file name:
SetUp.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\axabis_pdasetup.exe

File PE Metadata
Compilation timestamp:
9/16/2003 3:21:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:

Linker version:
6.1

CTPH (ssdeep):
98304:pQYWlX3OSxQXLm0C6F4ZWuTvo/RXmeXWR1H0KV3NF:GlX3OSxQ7dmJjK6m+dF

Entry address:
0x19AD8

Entry point:
F0, 40, 2D, E9, 00, 40, A0, E1, 01, 50, A0, E1, 02, 60, A0, E1, 03, 70, A0, E1, 36, 00, 00, EB, 07, 30, A0, E1, 06, 20, A0, E1, 05, 10, A0, E1, 04, 00, A0, E1, 79, 00, 00, EB, F0, 40, BD, E8, 47, 00, 00, EA, 70, 40, 2D, E9, 44, 40, 9F, E5, 00, 60, A0, E1, 00, 00, 94, E5, 75, 02, 00, EB, 30, 50, 9F, E5, 00, 30, A0, E1, 00, 00, 94, E5, 00, 10, 95, E5, 00, 20, 41, E0, 04, 20, 82, E2, 02, 00, 53, E1, 16, 00, 00, 2A, 00, 00, 50, E3, 05, 00, 00, 1A, 10, 10, A0, E3, 00, 00, A0, E3, 65, 02, 00, EB, 06, 00, 00, EA...
 
[+]

Entropy:
7.9503

Packer / compiler:
PocketPC, 0xARM

Code size:
101.5 KB (103,936 bytes)

The file axabis_pdasetup.exe has been seen being distributed by the following URL.

http://axa-bis.com.sg/files/live/pda/.../AXABIS_PDAsetup.exe

Scan axabis_pdasetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.