» setup.-1.2.0.exe
Overview
Analysis
File Details
Downloads (1)

setup.-1.2.0.exe

a6_S_B_

a4_J_Y_

The executable setup.-1.2.0.exe has been detected as malware by 14 anti-virus scanners. The file has been seen being downloaded from en.file-upload.net.

File name:

setup.-1.2.0.exe

Publisher:

a4_J_Y_

Product:

a6_S_B_

Description:

ac_a_U_

Version:

1.1.1.6

MD5:

f1296bc0f04feb106e11442bf3c0c18e

SHA-1:

1bdc5d89660f796aa9b02247a1e80af7de316b54

SHA-256:

f98bc6a93f3d3e2d729d41cacf33e95b594bd53ff0d973c0016a4337057454ac

Scanner detections:

14 / 68

Status:

Malware

Analysis date:

11/16/2024 10:30:18 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.320438

215

avast!

MSIL:GenMalicious-APZ [Trj]

2014.9-160703

Bitdefender

Gen:Variant.Kazy.320438

1.0.20.925

Emsisoft Anti-Malware

Gen:Variant.Kazy.320438

8.16.07.03.09

ESET NOD32

MSIL/Injector.DSX (variant)

10.11423

Fortinet FortiGate

W32/Generic!tr

7/3/2016

F-Secure

Gen:Variant.Kazy.320438

11.2016-03-07_1

G Data

Gen:Variant.Kazy.320438

16.7.25

K7 AntiVirus

Trojan

13.202.15480

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.-39

Malwarebytes

Trojan.MSIL.UL

v2016.07.03.09

McAfee

Artemis!F1296BC0F04F

5600.6349

MicroWorld eScan

Gen:Variant.Kazy.320438

17.0.0.555

Sophos

Mal/Generic-S

4.98

File size:

824 KB (843,776 bytes)

Product version:

1.1.1.6

Trademarks:

aR_E_y_

Original file name:

samsam.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\setup.-1.2.0.exe

File PE Metadata

Compilation timestamp:

4/3/2015 1:29:55 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:/hPpuzeoRQF/PAKSx7Qh3edgqaiftLi2vONEbDminaB/P8gJow3f9SbXfcn1ft7w:gcskkhiMKvRjga/VN7LcpH4B0

Entry address:

0xCF651

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.8007

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

822 KB (841,728 bytes)

The file setup.-1.2.0.exe has been seen being distributed by the following URL.

http://en.file-upload.net/download.php?valid=770.84558125305&id=10505110&name=Setup.-1.2.0.exe

Remove setup.-1.2.0.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.