hideipsetup.exe

AVSoftware EOOD

The software installer uses the StartInstall.com download manager, which bundles additional adware offers (toolbars and utilities such as the SafeSearch toolbar) during setup. The application hideipsetup.exe, “Hide The IP 2009 Installation” by AVSoftware EOOD, has been detected as adware by 2 anti-malware scanners. It is a self-extracting archive and installer and has been known to bundle potentially unwanted software.
Publisher:
AVSoftware (signed by AVSoftware EOOD)

Description:
Hide The IP 2009 Installation

Version:
2.8

MD5:
1d74eb5cfd4ca255b35e36905654b10a

SHA-1:
3a962656eb516eaee615670e502fa8d1ff2ae66e

SHA-256:
6097143e93f5c627f9c65ef45b9701229161b667079ad1068f8971e5612e87cd

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
11/27/2024 12:12:34 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | W32/Ramnit.C | 7.11.30.172
Reason Heuristics | PUP.AVSoftware EOOD.Installer | 15.5.2.21

File size:
4.6 MB (4,797,792 bytes)

Copyright:
All rights reserved

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\hideipsetup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
5/10/2009 5:00:00 PM

Valid to:
5/11/2010 4:59:59 PM

Subject:
CN=AVSoftware EOOD, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=AVSoftware EOOD, L=Gabrovo, S=Gabrovo, C=BG

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
37BC40AA80D517CAC12E4CB37407D455

File PE Metadata
Compilation timestamp:
7/5/2007 2:17:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
98304:sgXgey/+6QX0iMFkrcq4t/IQCnPAvbxRv/WuHRgIldMUKdDTxSQZFn/5D:sgXgey/+6LmAXt/IQ2PAvf/9LgdTkOP

Entry address:
0x1253D

Entry point:
6A, 60, 68, 88, 92, 41, 00, E8, BF, 03, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 1B, 18, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 9C, 91, 41, 00, 8B, 4E, 10, 89, 0D, 24, ED, 41, 00, 8B, 46, 04, A3, 30, ED, 41, 00, 8B, 56, 08, 89, 15, 34, ED, 41, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 28, ED, 41, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 28, ED, 41, 00, C1, E0, 08, 03, C2, A3, 2C, ED, 41, 00, 33, F6, 56, 8B, 3D, 90, 91, 41, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 

Entropy:
7.9747

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
95.5 KB (97,792 bytes)
