popitvsetuptr.exe

Setup Factory Runtime

Dey yazilim ve internet hizmetleri san. tic. ltd. sti.

The application popitvsetuptr.exe, “Setup Application” by Dey yazilim ve internet hizmetleri san. tic. ltd. sti., has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Setup Factory installer.
Product:
Setup Factory Runtime

Description:
Setup Application

Version:
9.1.0.0

MD5:
dec011e9d3799ecd3f26abf616f62ecf

SHA-1:
7a76e76d1bf0ba648df53270950991f727af61c9

SHA-256:
a5a5745517b58870491749ea919bd837dcd30fe363f5ee712b5c3c1fac33a5c6

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/24/2024 12:21:57 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Installer.Amonitize

Engine version:
15.2.14.11

File size:
2.9 MB (3,059,344 bytes)

Product version:
9.1.0.0

Copyright:
Setup Engine Copyright © 2004-2012 Indigo Rose Corporation

Trademarks:
Setup Factory is a trademark of Indigo Rose Corporation.

Original file name:
suf_launch.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\users\{user}\downloads\popitvsetuptr.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/26/2013 2:00:00 AM

Valid to:
2/27/2014 1:59:59 AM

Subject:
CN=Dey yazilim ve internet hizmetleri san. tic. ltd. sti., O=Dey yazilim ve internet hizmetleri san. tic. ltd. sti., STREET=kuloglu mah alyon gecidi sok, STREET=beyoglu, L=istanbul, S=istanbul, PostalCode=34433, C=TR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00AA9B511464EAA0A58485815A3C6628FC

File PE Metadata
Compilation timestamp:
6/14/2012 7:16:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:5ShySkASzCNzcvi57bxUxw2d6uIccGqd5B8GLIK8D5xPONNWIiIraN2l1b3Mt0KQ:gqBQzcahitd6uxcGq5KGLz89xPOk3NqF

Entry address:
0x29E1

Entry point:
E8, A6, 1D, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 56, 57, 33, F6, BF, C8, AB, 40, 00, 83, 3C, F5, 54, A0, 40, 00, 01, 75, 1D, 8D, 04, F5, 50, A0, 40, 00, 89, 38, 68, A0, 0F, 00, 00, FF, 30, 83, C7, 18, FF, 15, C0, 70, 40, 00, 85, C0, 74, 0C, 46, 83, FE, 24, 7C, D3, 33, C0, 40, 5F, 5E, C3, 83, 24, F5, 50, A0, 40, 00, 00, 33, C0, EB, F1, 8B, FF, 53, 8B, 1D, C4, 70, 40, 00, 56, BE, 50, A0, 40, 00, 57, 8B, 3E, 85, FF, 74, 13, 83, 7E, 04, 01, 74, 0D, 57, FF, D3, 57, E8, 18, FD, FF, FF, 83, 26, 00, 59, 83, C6, 08...
 

Code size:
22 KB (22,528 bytes)
