home

setup v4.exe

molight

Nuvision Global Limited

Publisher:
lightan  (signed by Nuvision Global Limited)

Product:
molight

Description:
This installer database contains the logic and data required to install molight.

Version:
1.0.0

MD5:
2555ade8dc82b5b190cc7e43bc581b43

SHA-1:
50518509edd5edb93e5ef84f34ba8fd49b77dbc0

SHA-256:
236e8eb24aca68cd9129ade1c66da6e10bb3f61904143574e10f11210b9b7a53

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
12/26/2024 2:48:44 AM UTC  (today)

Scan engine
Detection
Engine version

herdProtect (fuzzy)
variant of unconfirmed 778152.crdownload
2015.6.12.3

Sophos
OutBrowse Revenyou
4.98

Trend Micro House Call
Suspicious_GEN.F47V0305
7.2.64

File size:
1.2 MB (1,231,536 bytes)

Product version:
1.0.0

Copyright:
Copyright (C) 2015 lightan

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup v4.exe

Digital Signature
Signed by:
Nuvision Global Limited

Authority:
COMODO CA Limited

Valid from:
10/1/2014 1:00:00 AM

Valid to:
10/2/2015 12:59:59 AM

Subject:
CN=Nuvision Global Limited, O=Nuvision Global Limited, STREET=THE ALEXANDER SUITE SILK POINT, STREET=MACCLESFIELD, L=CHESHIRE, S=CHESHIRE, PostalCode=SK102BB, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F059E72CB5EFCED667669886E53E10EC

File PE Metadata
Compilation timestamp:
12/10/2013 10:28:41 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:4YkM9A2rUaDffkJevhZgS8Y5AjJZc5UE5QILTf4RiIx8LBi6aHL:4Yj9LrDDfcJebgS8Y5AjJZcCE5Q6f4RP

Entry address:
0x31317

Entry point:
E8, C0, 9F, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 04, 8B, 4C, 24, 08, F7, C2, 03, 00, 00, 00, 75, 3C, 8B, 02, 3A, 01, 75, 2E, 0A, C0, 74, 26, 3A, 61, 01, 75, 25, 0A, E4, 74, 1D, C1, E8, 10, 3A, 41, 02, 75, 19, 0A, C0, 74, 11, 3A, 61, 03, 75, 10, 83, C1, 04, 83, C2, 04, 0A, E4, 75, D2, 8B, FF, 33, C0, C3, 90, 1B, C0, D1, E0, 83, C0, 01, C3, F7, C2, 01, 00, 00, 00, 74, 18, 8A, 02, 83, C2, 01, 3A, 01, 75, E7, 83, C1, 01, 0A, C0, 74, DC, F7, C2, 02...
 
[+]

Entropy:
6.8944

Code size:
276 KB (282,624 bytes)

The file setup v4.exe has been seen being distributed by the following 9 URLs.

http://dl.sec-download.com/clk?p=adc&s1=u188da5635451d4396225db62fb&s2=&s3=

http://dl.sec-download.com/clk?p=adc&s1=u4a42f1bf54fcc7915fed48d473&s2=&s3=

http://dl.sec-download.com/clk?p=adc&s1=12452296331426115288&s2=&s3=

http://dl.sec-download.com/clk?p=adc&s1=u4f9a9915526710dd608475d79b&s2=&s3=es

http://dl388.secure-downldr.com/setup v4.exe

http://dl.sec-download.com/clk?p=adc&s1=29197595861426122944&s2=&s3=

http://dl62.secure-downldr.com/setup v4.exe

http://dl.sec-download.com/clk?p=adc&s1=10965894511425867079&s2=&s3=

http://dl21.secure-downldr.com/setup v4.exe

Scan setup v4.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.