home

eisetupfree.exe

ExpressInvoice

NCH Software

This is a setup program which is used to install the application. This is installed with Express Invoice Invoicing Software. The file has been seen being downloaded from l.facebook.com and multiple other hosts.
Publisher:
NCH Software  (signed and verified)

Product:
ExpressInvoice

Description:
Express Invoice Invoicing Software

Version:
4.44

MD5:
6c6cbcebbd67837dec0b21079b5fba6e

SHA-1:
0b056265c3a478cf3056d0fbc0376908a0965ffa

SHA-256:
d0fb8dd0084d2d81fbdbd5a96002b52c2400deda3a3012986c3a586a6262564d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 4:37:30 AM UTC  (today)

File size:
800.8 KB (820,000 bytes)

Product version:
4.44

Copyright:
NCH Software

Original file name:
ExpressInvoice.exe

File type:
Executable application (Win32 EXE)

Language:
English (Australia)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\eisetupfree.exe

Digital Signature
Signed by:
NCH Software

Authority:
Thawte, Inc.

Valid from:
7/5/2015 5:00:00 PM

Valid to:
8/6/2017 4:59:59 PM

Subject:
CN=NCH Software, O=NCH Software, L=Canberra, S=Australian Capital Territory, C=AU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
58D9B9D38780932DD1CBC58A2AD28B1C

File PE Metadata
Compilation timestamp:
10/14/2015 6:33:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:EdlW2qUoFLlOStPtHxN6M9cq4R721YyqMcms6F62BrA+qey3VHHQASrMs9qgf:q+xdoStPZj9cRq1VcmtBaDnQ5rLqgf

Entry address:
0x11D4

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, FC, 16, 00, 00, 53, 56, 57, E8, 03, FF, FF, FF, 33, DB, 3B, C3, 89, 44, 24, 14, 0F, 85, DF, 03, 00, 00, 6A, 06, 53, FF, 15, 8C, 20, 40, 00, FF, 15, 48, 20, 40, 00, 68, 6C, 24, 40, 00, 8B, F0, E8, CB, 03, 00, 00, 85, C0, 74, 10, 68, 7C, 24, 40, 00, 68, 80, 24, 40, 00, FF, 15, 50, 20, 40, 00, 68, 90, 24, 40, 00, 8B, C6, E8, AB, 03, 00, 00, 3B, C3, 74, 49, 83, C0, 0E, EB, 08, 66, 83, F9, 20, 75, 0A, 40, 40, 0F, B7, 08, 66, 3B, CB, 75, F0, 0F, B7, 08, 33, F6, 66, 3B, CB, 74, 20...
 
[+]

Entropy:
7.9923

Developed / compiled with:
Microsoft Visual C++

Code size:
2 KB (2,048 bytes)

The file eisetupfree.exe has been discovered within the following program.

Express Invoice Invoicing Software  by NCH Software
www.nchsoftware.com/invoice/support.html
About 4% of users remove it
 
Powered by Should I Remove It?

The file eisetupfree.exe has been seen being distributed by the following 2 URLs.

https://l.facebook.com/l.php?u=http://www.nchsoftware.com/.../eisetupfree.exe&h=JAQHukSTw

http://nebulafreeware.com/.../Software.aspx?SoftwareID=1300&Program=Best_Invoice

Scan eisetupfree.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.