mbam-setup.exe

Malwarebytes Anti-Malware

Malwarebytes Corporation

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from s3.amazonaws.com and multiple other hosts.
Publisher:
Malwarebytes Corporation   (signed by Malwarebytes Corporation)

Product:
Malwarebytes Anti-Malware

Version:
2.00.0.1000

MD5:
32a7154f9934cf3aa5d945d02d069d1f

SHA-1:
b2dd980bea34dbd3bf3ab1a14c8ff69cf7ad9a49

SHA-256:
f55246ba432da00f1a6a4f335f18edcc30643c5304b2815f41d18a71f1fb72e5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 1:19:23 PM UTC  (today)

File size:
16.7 MB (17,523,384 bytes)

Product version:
2.00.0.1000

Copyright:
(c) Malwarebytes Corporation. All rights reserved.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\ProgramData\malwarebytes\malwarebytes anti-malware\mbam-setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/30/2013 2:00:00 AM

Valid to:
6/20/2016 1:59:59 AM

Subject:
CN=Malwarebytes Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Malwarebytes Corporation, L=San Jose, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6F36C4B74B4F8AB001F039D692A75B49

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:hLmpNI+aIWghDBSME1BF2SBOAfQSUQs8huxV6S:l2SMaL2SBOANhuxV6S

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file mbam-setup.exe has been discovered within the following programs.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
BankBrowser  by DialCom24 Sp. z o.o.
BankBrowser is part of the Przelewy24 software.
www.bankbrowser.pl
About 3% of users remove it
 
Powered by Should I Remove It?

The file mbam-setup.exe has been seen being distributed by the following 50 URLs.

https://s3.amazonaws.com/.../mbam-setup-2.0.0.1000.exe

http://b2c-descargas.s3.amazonaws.com/.../Malwarebytes-antimalware-2.0.0.1000.exe

http://www.filehippo.com/download/file/.../

http://s1.download.net.pl/6329ae52e09mbaem-setup-2001000.exe

http://www.filepuma.com/file/1395792239c5459/malwarebytes_anti_malware_2.00/.../0/

http://forumdobreprogramy.digidip.net/visit?url=http://data-cdn.mbamupdates.com/v2/mbam/consumer/.../mbam-setup-2.0.0.1000.exe

http://download.heise.de/software/c7b095fcbd7efd074a82c03d92c01120/53edb4f9/.../mbam-setup-2.0.0.1000.exe

http://www.quetelecharger.com/.../e6062169.dl

Latest 30 of 148 download URLs