consumerinputsetup.exe

Compete Inc

The application consumerinputsetup.exe by Compete Inc has been detected as a potentially unwanted program by 6 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from s.allfreesoft.net and multiple other hosts.
Publisher:
Compete Inc  (signed and verified)

Version:
3.2.4.4256

MD5:
fe462c10cf8e858ec53048c13e055253

SHA-1:
3c8969de1c63831cd0effb382e499f35275cfea9

SHA-256:
11d84d20bff1798a07c441fdab556ed8ae9e20f2c7c40643264d070b535d126d

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 2:51:11 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic
2016.0.3160

Dr.Web
Adware.Siggen.30978
9.0.1.083

McAfee
Artemis!FE462C10CF8E
5600.6816

Reason Heuristics
PUP.Installer.Compete
15.3.24.22

Trend Micro House Call
Suspicious_GEN.F47V0322
7.2.83

VIPRE Antivirus
Compete
38742

File size:
2.3 MB (2,364,104 bytes)

Product version:
3.2.4.4256

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\consumerinputsetup.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
12/21/2014 6:00:00 PM

Valid to:
3/22/2018 6:59:59 PM

Subject:
CN=Compete Inc, O=Compete Inc, L=Boston, S=Massachusetts, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0A6DDD60D9E6C4FAA56565923F8669C2

File PE Metadata
Compilation timestamp:
9/26/2011 8:21:38 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:FwDwcWiBFXc61bGfOAkiKmaXpLTFfYR7w5j4C1MuUBUCOnPB:FQ0EFMobIMLmwtTJ205BMVz2B

Entry address:
0x38AF

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 68, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 90, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 90, 40, 00, 55, FF, 15, C0, 92, 40, 00, 6A, 08, A3, 98, EB, 47, 00, E8, 36, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, EA, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 64, A2, 40, 00, FF, 15, 84, 91, 40, 00, 68, 4C, A2, 40, 00, 68, A0, 6A, 47, 00, E8, 18, 27, 00, 00, FF, 15, B0, 90, 40, 00, 50, BF, A0, F0, 4C, 00, 57, E8, 06, 27, 00, 00...
 
[+]

Entropy:
7.9891

Packer / compiler:
Nullsoft install system v2.x

Code size:
29 KB (29,696 bytes)

The file consumerinputsetup.exe has been seen being distributed by the following 3 URLs.

Remove consumerinputsetup.exe - Powered by Reason Core Security