home

setup.exe

This is a self-extracting archive and installer. The file has been seen being downloaded from doc-14-80-docs.googleusercontent.com.
MD5:
98cd7db5f98c3e9c0145ef9392bf3fa7

SHA-1:
03cc1af7203d1dcad05ef524db09cb88cd2cdccf

SHA-256:
6bd6170b7c5db089a8c7890ae77cd054843a5d6fcbe62df19bcce69f63b56e66

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 8:47:26 AM UTC  (today)

File size:
1.6 MB (1,699,586 bytes)

File type:
Executable application (Win64 EXE)

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:tGzUArDhDiePzANSUZ2/8sn0xOMuqYfUPA:RoDNLgSUZ2/8lgdqYuA

Entry point:
49, 44, 33, 03, 00, 00, 00, 01, 78, 2F, 54, 41, 4C, 42, 00, 00, 00, 1D, 00, 00, 01, FF, FE, 41, 00, 68, 00, 6D, 00, 65, 00, 64, 00, 20, 00, 4D, 00, 65, 00, 67, 00, 61, 00, 68, 00, 65, 00, 64, 00, 54, 50, 45, 31, 00, 00, 00, 27, 00, 00, 01, FF, FE, 4D, 00, 61, 00, 5A, 00, 61, 00, 4B, 00, 6F, 00, 6E, 00, 79, 00, 2E, 00, 43, 00, 6F, 00, 6D, 00, 5F, 00, 41, 00, 73, 00, 61, 00, 6C, 00, 61, 00, 43, 4F, 4D, 4D, 00, 00, 00, 5C, 00, 00, 01, 65, 6E, 67, FF, FE, 00, 00, FF, FE, 77, 00, 77, 00, 77, 00, 2E, 00, 4D, 00...
 
[+]

Entropy:
7.9740  (probably packed)

The file setup.exe has been seen being distributed by the following URL.

https://doc-14-80-docs.googleusercontent.com/docs/securesc/0opp7b97g1rk78njndh2mv38tita6td3/daerr4etokeep1j5j1j9m94md5ilmv3s/1444845600000/.../18248696912612515916/0B7WORBaNiSa7V2hNLU1HTGIxTUE?e=download&nonce=f8ms0tgrv8bja&user=18248696912612515916&hash=02tvunj58un54a8u1mab9lqdas658d5h

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.