isafe_setup_t2.exe

The application isafe_setup_t2.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from dl2.yac.mx.
MD5:
53d4bc59d561c1c2a8948c4a6aea514c

SHA-1:
b38d8ed0bf9e471670da685c2e0d24482d143163

SHA-256:
3cc30f535033628fac9b8fee91a754336877f4ec493517cb6d18accb8156d754

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:00:53 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Elex.iSafe (M)

Engine version:
16.7.8.9

File size:
15.6 MB (16,376,496 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\isafe_setup_t2.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
393216:z9yxiHg4BjI0gYaFRsZXkcJ3gEhjSHRKyhBnTTzcpz8UsYWbN:zMugoUtZPsJ3giI/hBTGW5

Entry point:
D4, 17, DB, 43, 41, 98, 4D, 32, BA, C4, 16, A3, A9, 64, A5, D6, F7, 43, 42, 41, A8, B8, 63, BD, 4E, C4, A8, 67, 4B, AB, 5D, 65, 43, 1A, E0, A3, D3, 97, 84, E3, E2, 50, DC, B6, BA, E3, F8, 3E, 0A, 3B, 6B, E6, C0, C0, 49, E2, 6D, 9A, D7, 50, 94, 5B, 16, C0, AB, 98, A9, 20, 15, 49, 7A, 6E, C0, 50, AF, 8C, 10, E5, 01, 78, 31, 7C, C5, 55, C5, 49, 43, D5, B2, C0, 3B, AB, 4E, 54, 79, C7, 0B, E2, F3, 62, C7, 07, 1C, BF, 93, 7D, 2D, 3B, 31, AF, 5F, BC, 6B, 05, 82, 17, C9, 78, 2A, 58, A1, 6A, 41, 59, BE, 58, CC, C7...
 

Entropy:
8.0000  (probably packed)

The file isafe_setup_t2.exe has been seen being distributed by the following URL.
