home

setup v2 1.exe

The application setup v2 1.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from ttb.m2bv0v3iik.com.
MD5:
3e8b676f184e94e424a59bd0e4f9ae7b

SHA-1:
d23bdc695d0f2a29fb38e48afa9e30976aabfaea

SHA-256:
62d8b7a4e78420a56ba18c9cd786d91487b0fe87d0e9a0d116a0c6974ee944bd

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/26/2024 1:21:11 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.SoftPulse (M)
16.8.23.20

File size:
1.6 MB (1,626,470 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\setup v2 1.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
24576:1zD5urNhRWx2Mk4JJQByw7Imlq3g495S0PwbphrpgXXOZuv/rTWeR5j4UwJZQUYI:P6/ye0PIphrp9Zuvjqa0UidN

Entry point:
BA, 16, 1D, EF, 2B, 0D, 9B, 86, 72, 55, A8, EB, D6, AD, 56, FE, 8A, 08, 1E, 62, 77, 3E, C5, D0, 3D, 01, 86, B0, 74, 12, 6D, EA, 37, B4, 02, F9, E2, 62, 27, 43, 1C, BC, 43, A5, 11, C8, A0, 51, 02, 57, 12, DC, FE, C5, D9, 93, F1, E5, C9, 0F, DF, 3D, A8, 09, 6B, 6E, D8, 6E, 9B, F5, 36, B6, DE, 19, 42, 72, 4F, 1C, 7F, 26, 34, B4, 1D, 55, C9, BF, D5, E1, 44, 33, 15, 95, 11, 54, 5D, FC, 5E, 29, E8, 76, DB, 31, 8F, 8A, C2, 51, EB, 7D, 17, 11, BA, 23, 2A, 08, 85, F4, 62, 95, 7F, 64, 3C, D0, AF, 6D, 91, C0, 52, 6E...
 
[+]

Entropy:
7.4835

The file setup v2 1.exe has been seen being distributed by the following URL.

http://ttb.m2bv0v3iik.com/download/request/.../xb9onqTr?__tc=1413275894.292&lpsl=994999f8c739069655028d4a9b24db9d&expire=1413362296&PubID=317945&tgu_src_lp_domain=www.dwlsoft.com&ClickID=u7644088b528c9bca79aabdcd6e&fileName=Setup_v2_1

Remove setup v2 1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.