revosetup.exe

VS Revo Group

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with Revo Uninstaller 1.92. The file has been seen being downloaded from dc345.4shared.com and multiple other hosts.
Publisher:
VS Revo Group  (signed and verified)

MD5:
b4f3edb46d7d06e0466b5df57f10158e

SHA-1:
1a49b4d28298f78af8c1b3d018503ac313a807f2

SHA-256:
fe7778d4a0306486b5b2631621648263bedde4dbf38e0c9f7c1ecd7ade9264a2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 7:06:29 AM UTC  (today)

File size:
1 MB (1,079,272 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
12/19/2008 12:00:00 AM

Valid to:
12/19/2009 11:59:59 PM

Subject:
CN=VS Revo Group, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=VS Revo Group, L=Ruse, S=Ruse, C=BG

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5BE03D48E6CEA58DCA99AFD3EDAE4CCC

File PE Metadata
Compilation timestamp:
2/21/2009 7:46:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:MBBz6l9jV+LBYN5+SF/F3lHsEhPv9mtpBEWSck61:4zyGOx9lp3olEWSck61

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, ED, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9667

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file revosetup.exe has been discovered within the following program.

Revo Uninstaller 1.92  by VS Revo Group, Ltd.
Publisher's description - “Revo Uninstaller helps you to uninstall software and remove unwanted programs installed on your computer even if you have problems uninstalling and cannot uninstall them from "Windows Add or Remove Programs" control panel applet.”
www.revouninstaller.com
7% remove it
 
Powered by Should I Remove It?

The file revosetup.exe has been seen being distributed by the following 6 URLs.

http://dc345.4shared.com/download/.../____.exe

http://dulieufree.com/dl/U29mdHMvVG9vbC9yZXZvc2V0dXAxODMuZXhl/.../download.html

http://download1135.mediafire.com/2k8tx7i2cbdg/.../revosetup.exe

Scan revosetup.exe - Powered by Reason Core Security