home

firefox_setup.exe

ArcSetup

Perfect World Entertainment, Inc.

This is a self-extracting archive and installer. The file has been seen being downloaded from game-data.starstable.com.
Publisher:
Perfect World Entertainment  (signed by Perfect World Entertainment, Inc.)

Product:
ArcSetup

Description:
Arc Pre Update System

Version:
1.0.0.1

MD5:
5bfc98d8d8314a9d821ab27efbe3c2d0

SHA-1:
9a5f5519dcc20bec84f1bdb93fe10476fdc5eead

SHA-256:
b0f910dd8ca1f99a75a2322448b8406ea54e6cb1ee3e8c7f1cf5372ba96a2ab9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:46:40 PM UTC  (today)

File size:
973.3 KB (996,688 bytes)

Product version:
1.0.0.1

Copyright:
Copyright © 2015. Perfect World Entertainment Inc, All Rights Reserved

Original file name:
ArcSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\firefox_setup.exe

Digital Signature
Signed by:
Perfect World Entertainment, Inc.

Authority:
VeriSign, Inc.

Valid from:
12/3/2013 1:00:00 AM

Valid to:
2/2/2016 12:59:59 AM

Subject:
CN="Perfect World Entertainment, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Perfect World Entertainment, Inc.", L=Redwood City, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5AB4C70D04205D18ED9170C15C1A9CF0

File PE Metadata
Compilation timestamp:
4/14/2015 9:54:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:QKV/1e+LGZOj6ISbphhPUUGfMRqD8Mo9KM+TciVr7I0gVihyz9rWTZqzQ7kObj4+:xV/1f6zhPMhUiwZiTZqzQ7kQ

Entry address:
0x8E44E

Entry point:
E8, C7, 7B, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, E8, 44, 4D, 00, 75, 02, F3, C3, E9, 47, 7C, 00, 00, 8D, 44, 24, 10, 50, 6A, 00, FF, 74, 24, 14, FF, 74, 24, 14, FF, 74, 24, 14, E8, 91, 09, 00, 00, 83, C4, 14, C3, 55, 8B, EC, 8D, 45, 18, 50, 6A, 00, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 15, 0A, 00, 00, 83, C4, 18, 5D, C3, 51, 53, 55, 56, 57, FF, 35, 28, D3, 4D, 00, E8, 3D, 75, 00, 00, FF, 35, 24, D3, 4D, 00, 8B, F0, 89, 74, 24, 18, E8, 2C, 75, 00, 00, 8B, F8, 3B, FE, 59, 59, 0F, 82, 84, 00, 00...
 
[+]

Code size:
684 KB (700,416 bytes)

The file firefox_setup.exe has been seen being distributed by the following URL.

https://game-data.starstable.com/StarStableSetup.exe

Scan firefox_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.