gupsetup.exe

Glarysoft Ltd

The executable gupsetup.exe, “Glary Utilities Setup”, has been detected as malware by 18 anti-virus scanners. The program is a setup application that uses the Inno Setup installer.
Publisher:
Glarysoft Ltd   (signed by Glarysoft Ltd)

Description:
Glary Utilities Setup

Version:
2.15.0.728

MD5:
e8467b49b4c1efb8eea7f35692d1956f

SHA-1:
445704cb325665028c26796f01f7c4bb8a42511e

SHA-256:
e936fec092e942d9129ee8dae02435779478e02b4c39b6b320f6918d3d9fbf36

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
11/23/2024 12:34:36 AM UTC  (today)

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Win32.Induc.A | 279
Avira AntiVirus | W32/Induc.iena | 7.11.212.246
avast! | Win32:Induc | 2014.9-160430
Dr.Web | Win32.Induc | 9.0.1.0121
ESET NOD32 | Win32/Induc | 10.11249
Fortinet FortiGate | Malware_fam.A | 4/30/2016
F-Prot | W32/Induc.A | v6.4.7.1.166
F-Secure | Win32.Induc.A | 11.2016-30-04_7
Kaspersky | Virus.Win32.Induc | 14.0.0.281
McAfee | Artemis!E8467B49B4C1 | 5600.6413
Microsoft Security Essentials | Virus:Win32/Induc.A | 1.1.11400.0
MicroWorld eScan | Win32.Induc.A | 17.0.0.363
NANO AntiVirus | Virus.Win32.Induc.dffkeg | 0.30.0.296
Norman | Induc.CW | 11.20160430
Panda Antivirus | Trj/CI.A | 16.04.30.08
Quick Heal | W32.Induc.A | 4.16.14.00
Rising Antivirus | PE:Trojan.Win32.Generic.12C5FF73!314965875 | 23.00.65.16428
Sophos | Mal/Generic-L | 4.98

File size:
5.3 MB (5,511,464 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

Digital Signature
Signed by:

Authority:
WoSign, Inc.

Valid from:
10/27/2008 1:00:00 AM

Valid to:
10/28/2009 12:59:59 AM

Subject:
CN=Glarysoft Ltd, OU=Class 3 - for Microsoft Authenticode Signing, O=Glarysoft Ltd, L=Beijing, S=Beijing, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
00D2D2E0BE248F2EB72B5F9C8DF79C793F

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:2gPaimljoFm70E+LNrt15Gk4f8eXcdUXbIQxSZG3QhyclcV0KegWm344NGs:NPaimlR70/4fjXceX0q6Gghy61VgT34o

Entry address:
0x991C

Entry point:
55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, AA, 97, FF, FF, E8, B1, A9, FF, FF, E8, DC, CB, FF, FF, E8, 63, CC, FF, FF, E8, 0A, F3, FF, FF, E8, 71, F4, FF, FF, 33, C0, 55, 68, C6, 9F, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 7C, 9F, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 26, FA, FF, FF, 8D, 55, F0, 33, C0, E8, E0, D0, FF, FF, 8B, 55, F0, B8, D4, CD, 40, 00, E8, 5B, 98, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D4, CD, 40, 00, B2, 01, B8...

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36.5 KB (37,376 bytes)
