mbam-setup.exe

Malwarebytes Anti-Malware

Malwarebytes Corporation

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.filehippo.com and multiple other hosts.
Publisher:
Malwarebytes Corporation   (signed by Malwarebytes Corporation)

Product:
Malwarebytes Anti-Malware

Version:
1.60.1.1000

MD5:
9032f0c0051a94d579da061292968e32

SHA-1:
de181b203bc9d9a8bd114b2a7c94a6561c01056f

SHA-256:
3baf85240a422acc4779704b269b7a914faf4cd35199d591b95bbf15bfb2ae26

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 1:54:36 AM UTC  (today)

File size:
9.1 MB (9,502,424 bytes)

Product version:
1.60.1.1000

Copyright:
© Malwarebytes Corporation. All rights reserved.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\ProgramData\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/23/2011 6:00:00 PM

Valid to:
6/4/2013 5:59:59 PM

Subject:
CN=Malwarebytes Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Malwarebytes Corporation, L=San Jose, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
635725F2493191F6F4F686234034FE80

File PE Metadata
Compilation timestamp:
6/19/1992 4:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:MwC3W2/xePXb3c8/8Zz+KWJDu39Ln++HCiyomdodWpRsPUT:fx2xePUz+KcDMxnxHCroxdWpRig

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9996

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file mbam-setup.exe has been discovered within the following programs.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
UVK  by Carifred
www.carifred.com/uvk
About 1% of users remove it
About 9% of users remove it
 
Powered by Should I Remove It?

The file mbam-setup.exe has been seen being distributed by the following 45 URLs.

http://www.filehippo.com/download/file/.../

http://majorgeeks.mirror.internode.on.net/.../mbam-setup-1.60.1.1000.exe

ftp://f6ab556759c10050c6b22defeeeb18d3:1334077090@ftpclubicb9b.clubic.com/.../malwarebytes-anti-malware_malwarebytes_anti-malware_1.60.1.1000_francais_215092.exe

http://fs13.filehippo.com/2794/.../mbam-setup-1.60.1.1000.exe

http://dl1.filehippo.com/.../mbam-setup-1.60.1.1000.exe

ftp://73247bbd4cf22630951ce8da5a100006:1339112658@ftpclubicb9a.clubic.com/.../malwarebytes-anti-malware_malwarebytes_anti-malware_1.60.1.1000_francais_215092.exe

http://rescomp.bloomu.edu/pages/downloads/applications/.../mbamsetup.exe

http://www.filehippo.com/download/file/.../

http://www.filehippo.com/download/file/.../

Latest 30 of 45 download URLs