setup 2014.exe

The application setup 2014.exe has been detected as a potentially unwanted program by 30 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from download1114.mediafire.com.
MD5:
7597ea46ddd86f28eb3fee0f54f20c14

SHA-1:
38fd7fb9fdfcff84c1de492300f9daee1532dc8b

SHA-256:
73286c68ff9de1d2f3c4e8713e14502c8e04b3e3e21c0ebb87c0b025665d2f9f

Scanner detections:
30 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
11/27/2024 1:06:19 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
MemScan:Application.Bundler.Outbrowse.E
221

Agnitum Outpost
PUA.OutBrowse
7.1.1

AhnLab V3 Security
PUP/Win32.OutBrowse
2015.12.07

Arcabit
Application.Bundler.Outbrowse.E
1.0.0.628

avast!
NSIS:OutBrowse-C [PUP]
2014.9-160627

AVG
AdLoad.G
2017.0.2699

Baidu Antivirus
Adware.Win32.OutBrowse
4.0.3.16627

Bitdefender
MemScan:Application.Bundler.Outbrowse.E
1.0.20.895

Dr.Web
Adware.Downware.3953
9.0.1.0179

ESET NOD32
Win32/OutBrowse.S potentially unwanted
10.12681

Fortinet FortiGate
Riskware/OutBrowse
6/27/2016

F-Prot
Trojan!9d14
v6.4.7.1.166

F-Secure
MemScan:Application.Bundler.Outbrowse
11.2016-27-06_2

G Data
MemScan:Application.Bundler.Outbrowse
16.6.25

IKARUS anti.virus
PUA.OutBrowse
t3scan.1.9.5.0

Kaspersky
not-a-virus:Downloader.Win32.Agent
14.0.0.-9

Malwarebytes
PUP.Optional.OutBrowse
v2016.06.27.07

McAfee
Artemis!7597EA46DDD8
5600.6355

Microsoft Security Essentials
SoftwareBundler:Win32/OutBrowse
1.1.12300.0

MicroWorld eScan
MemScan:Application.Bundler.Outbrowse.E
17.0.0.537

NANO AntiVirus
Trojan.Win32.OutBrowse.dgnlgr
1.0.10.5081

Panda Antivirus
Trj/OCJ.F
16.06.27.07

Qihoo 360 Security
Win32/RootKit.Rootkit.7e5
1.0.0.1077

Quick Heal
Downloader.Agent.r5 (Not a Virus)
6.16.14.00

Reason Heuristics
PUP.OutBrowse (M)
16.6.27.19

Sophos
Generic PUA DI (PUA)
4.98

SUPERAntiSpyware
Adware.OutBrowse/Variant
9055

Total Defense
Win32/Tnega.OWXTBQC
37.1.62.1

Vba32 AntiVirus
Downloader.Agent
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
45666

File size:
963.9 KB (987,037 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup 2014.exe

File PE Metadata
Compilation timestamp:
12/6/2009 1:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:89YzbrTZBqf+3pR2/bg/0fPzWJkUH1acWio5U1e3ibC:JfTjqAR++0nzWJkUVacjPYx

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9240

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file setup 2014.exe has been seen being distributed by the following URL.

Remove setup 2014.exe - Powered by Reason Core Security