home

cap540setup1.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www02.abb.com.
MD5:
23f41c1bf1406c10373d877b201e49b4

SHA-1:
24acd6b85dbcba4a21573dd445a2329e09bb9c13

SHA-256:
ec8f3a032c5d611930a4d5ab9641f57fcca30915e9fe1ba3f723e3e09cbbd044

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 12:31:16 AM UTC  (today)

File size:
55.6 MB (58,345,268 bytes)

File type:
Executable application (Win16 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\s-1-5-31-1286970278978-5713669491-166975984-320\rotinom\cap540full\cap540setup1.exe

File PE Metadata
OS version:
78.11639

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
2.0

CTPH (ssdeep):
786432:uwxsm9ryTZZMF22/BY09LiFqWK9hhLpOelqGGLfBkyTtwLATAq3FEOO7912fpi8h:UvZMF22JX9LikWK9YeEGDyTyLATnc0pJ

Entry address:
0xB400AE

Entry point:
11, DC, B9, 00, EE, 5F, 49, BE, 19, 9F, AF, F9, DD, 51, F0, E5, EF, 9D, 46, E1, DA, 7C, CD, EF, 8E, 82, 6F, 95, C0, 7D, 0D, C1, 6D, 6F, B2, 71, 5F, 23, F9, EA, 6F, E1, 9A, DF, 1D, 05, 5F, FE, DE, 69, 14, AE, CD, B7, DA, C7, F5, 46, 80, 6F, 8D, C0, DD, 8C, B3, A4, B7, DA, B8, 9B, 25, DF, 1D, 7E, 7D, 6B, 7C, DC, BC, 11, E0, 5B, 9D, 15, D7, E6, 5B, EB, E3, E6, 0B, BE, 69, 81, FB, 5A, 82, DB, 18, C0, 7D, AD, E4, 7B, D8, E7, 9B, F6, 71, 0B, 04, DF, DA, AC, B8, 26, 5F, 33, 05, FD, DA, 48, 79, 32, 0D, B5, 7F, ED...
 
[+]

Entropy:
7.9990  (probably packed)

Code size:
192 KB (196,610 bytes)

The file cap540setup1.exe has been seen being distributed by the following URL.

http://www02.abb.com/db/db0003/db004281.nsf/ca7e93ab03030d22c12571380039e8fc/c12573e700330419c1257187002cd2c3/.../CAP540Setup1.EXE

Scan cap540setup1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.