chrome_setup.exe

Chrome Installer

Secure Installer

The application chrome_setup.exe (“Deploy Chrome along with various offers”) by Secure Installer has been detected as a potentially unwanted program by 6 anti-malware scanners. This version of the file bundles a Mindspark/MyWebSearch Toolbar, a potentially unwanted web browser extension. The file has been seen being downloaded from software.browsersinfo.com, a website host known to distribute potentially unwanted software, operated by Quick Downloader.

Publisher:
Secure Installer  (signed and verified)

Product:
Chrome Installer

Description:
Deploy Chrome along with various offers

Version:
23

MD5:
f09dba8836f7819df00cce4ff82c3909

SHA-1:
622014b58afcf5d62bec2b30bab43586c4ce5d40

SHA-256:
678ec9579c03da90a59956720e3a937ade957b7e7d0b9b23fabf0c8309e5aae9

Scanner detections:
6 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
12/26/2024 12:43:06 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Malware-gen | 2014.9-150107 |
| ESET NOD32 | Win32/Toolbar.MyWebSearch (variant) | 9.10551 |
| Malwarebytes | PUP.Optional.Downloadster | v2015.01.07.11 |
| Reason Heuristics | PUP.Installer.SecureInstaller.M | 15.1.7.23 |
| Sophos | Install Core | 4.98 |
| VIPRE Antivirus | InstallCore | 33860 |

File size:
1.6 MB (1,718,408 bytes)

Product version:
23

Copyright:
©BrowsersInfo

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\chrome_setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
9/24/2012 8:00:00 PM

Valid to:
9/25/2013 7:59:59 PM

Subject:
CN=Secure Installer, O=Secure Installer, STREET=720 Market Street, STREET=5th floor, L=San Francisco, S=CA, PostalCode=94102, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C3507C1ADDE6B4C52E5426990F85CA2B

File PE Metadata
Compilation timestamp:
12/16/2012 7:55:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:le5VvTECOj7F5QAOeOW5QN7+WpTR3D7TY5aTcEjErHBM+gZE2vLSNzhITA4m+xAa:SEc7+WJZ7TYITRj8HQRviHn4kTtYpl

Entry address:
0xCE1BC

Entry point:
55, 8B, EC, 83, C4, F0, B8, E4, C9, 4C, 00, E8, D8, 8B, F3, FF, 8B, 0D, 9C, 6F, 4D, 00, 8B, 09, B2, 01, A1, 2C, 63, 4B, 00, E8, 2C, E2, F8, FF, 8B, 15, 84, 70, 4D, 00, 89, 02, A1, 9C, 6F, 4D, 00, 8B, 00, E8, 14, 7A, F9, FF, A1, 9C, 6F, 4D, 00, 8B, 00, B2, 01, E8, AE, 98, F9, FF, 8B, 0D, A0, 6D, 4D, 00, A1, 9C, 6F, 4D, 00, 8B, 00, 8B, 15, E4, 24, 4C, 00, E8, 06, 7A, F9, FF, A1, 9C, 6F, 4D, 00, 8B, 00, E8, 32, 7B, F9, FF, E8, CD, 66, F3, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.6615

Developed / compiled with:
Microsoft Visual C++

Code size:
821 KB (840,704 bytes)

The file chrome_setup.exe has been seen being distributed by the following URL.
