» isafe_setup_smod.exe
Overview
Analysis
File Details
Downloads (1)

isafe_setup_smod.exe

The application isafe_setup_smod.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from dl.yac.mx.

File name:

MD5:

3da947a6824ac53f92948aa23d076ab6

SHA-1:

6f81a89516d81199e94826603bdf898e3fbdd132

SHA-256:

99eaaf9973307268135c63c83dac1646c6418e4a45dd6fec3b180237cab116e7

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

12/26/2024 12:54:09 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Elex.YAC (M)

16.6.17.18

File size:

11 MB (11,539,376 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\isafe_setup_smod.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

196608:7NN6trdn47bGG8egvpO6DUnZrApp4ck8eIAyWlRGhW7Y1:e5F47bGG8TBhgZ01/eIAzRM

The file isafe_setup_smod.exe has been seen being distributed by the following URL.

http://dl.yac.mx/.../iSafe_setup_smod.exe

Remove isafe_setup_smod.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.