home

setup 2014.exe

The application setup 2014.exe has been detected as a potentially unwanted program by 28 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from download759.mediafire.com.
MD5:
042801ddf7bfc31d456229bf8b213f5d

SHA-1:
95bbc146bb467505a57eeda711a8efd3f4a65252

SHA-256:
d3a9bbb027cfbe2e5ed8c73cb98da140d8e7e4444339c5fce38593d128961423

Scanner detections:
28 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
11/23/2024 10:58:55 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.Outbrowse.F
925

Agnitum Outpost
PUA.OutBrowse
7.1.1

Avira AntiVirus
APPL/Downloader.Gen
7.11.160.154

avast!
Win32:PUP-gen [PUP]
2014.9-140724

AVG
OutBrowse
2015.0.3403

Baidu Antivirus
Adware.Win32.OutBrowse
4.0.3.14724

Bitdefender
Application.Bundler.Outbrowse.F
1.0.20.1025

Comodo Security
Application.Win32.OutBrowse.~A
18849

Dr.Web
Adware.Downware.1770
9.0.1.0205

ESET NOD32
Win32/OutBrowse (variant)
8.10090

Fortinet FortiGate
Riskware/NSIS_OutBrowse
7/24/2014

F-Secure
Application.Bundler.Outbrowse
11.2014-24-07_5

G Data
Application.Bundler.Outbrowse
14.7.24

IKARUS anti.virus
PUP.OutBrowse
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.180.12701

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse
14.0.0.3512

Malwarebytes
PUP.Optional.OutBrowse
v2014.07.24.01

McAfee
RDN/Generic PUP.x!b2s
5600.7059

MicroWorld eScan
Application.Bundler.Outbrowse.F
15.0.0.615

NANO AntiVirus
Trojan.Win32.OutBrowse.cvyscp
0.28.0.60698

Panda Antivirus
Trj/OCJ.F
14.07.24.01

Qihoo 360 Security
Win32/Virus.Downloader.ad6
1.0.0.1015

Quick Heal
Downloader.NSIS.r5 (Not a Virus)
7.14.14.00

Sophos
OutBrowse
4.98

Trend Micro House Call
TROJ_GEN.R0CBC0PEC14
7.2.205

Trend Micro
TROJ_GEN.R0CBC0PEC14
10.465.24

Vba32 AntiVirus
Downloader.OutBrowse
3.12.26.3

VIPRE Antivirus
OutBrowse
31256

File size:
616 KB (630,761 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\setup 2014.exe

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:JHFyhCfsMntd1zdwVWyK1EzotWlj+kzVX0xp+lHTNo5uLMxHeXAkepYsq4m:JlyhCfsMtpwof1EzotWln3M6VXopa4m

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file setup 2014.exe has been seen being distributed by the following URL.

http://download759.mediafire.com/pmyrudtj7vyg/.../Setup 2014.exe

Remove setup 2014.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.