setup.exe

Dassault Systemes SolidWorks Corp.

This is a self-extracting archive and installer. The file has been seen being downloaded from www.murgee.com and multiple other hosts.
Publisher:
Dassault Systemes SolidWorks Corp.  (signed and verified)

MD5:
63c5952ef61c4c3c18cb13068b5fce08

SHA-1:
06e844c80a8d0608a9af7930311f8226d481d578

SHA-256:
014e4ed4caaad2dd8d8047b357892382bc4be355bb4796d18e15da92f4857121

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 4:36:57 PM UTC  (today)

File size:
363 KB (371,704 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/21/2014 2:00:00 AM

Valid to:
9/19/2017 1:59:59 AM

Subject:
CN=Dassault Systemes SolidWorks Corp., O=Dassault Systemes SolidWorks Corp., L=Waltham, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5D97E45C162EF1479D3145A0A22071AF

File PE Metadata
Compilation timestamp:
11/11/2015 3:23:33 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:81ZBwaeI9OKnxgbR8NVm7Nqn5SS7TosPf:81vwa3tnWbR8Nwp0UhsPf

Entry address:
0x1B8C

Entry point:
E8, 04, 13, 00, 00, E9, 7B, FE, FF, FF, 3B, 0D, 50, 00, 41, 00, 75, 02, F3, C3, E9, 3D, 00, 00, 00, 55, 8B, EC, FF, 15, 2C, 90, 40, 00, 6A, 01, A3, E4, 10, 41, 00, E8, 0B, 16, 00, 00, FF, 75, 08, E8, 29, 19, 00, 00, 83, 3D, E4, 10, 41, 00, 00, 59, 59, 75, 08, 6A, 01, E8, F1, 15, 00, 00, 59, 68, 09, 04, 00, C0, E8, F7, 18, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 82, 72, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, C8, 0E, 41, 00, 89, 0D, C4, 0E, 41, 00, 89, 15, C0, 0E, 41, 00...
 
[+]

Code size:
32 KB (32,768 bytes)

The file setup.exe has been discovered within the following program.

SOLIDWORKS 2015 x64 Edition SP05  by SolidWorks Corporation
www.solidworks.com
About 8% of users remove it
 
Powered by Should I Remove It?

The file setup.exe has been seen being distributed by the following 14 URLs.

https://www.murgee.com/auto-clicker/.../setup.exe

http://9ee1n7xuq7zyql.yuvshu.com/.../?p=ZXh0c3lzPTEmYWZmaWQ9Mjk2OTUxJmNpZD0xMDAmY3I9MTAwJmxvYz1lbiZzMT0wMDgxNDk4ODAmYWZmaWxpYXRlcmVmZXJlbmNlaWQ9MDA4MTQ5ODgwMDE5NTc1ODA1NzY4JmNhbXBpZD0yODI0NTY=

http://d2iwzbhgddzdwl.cloudfront.net/resources/autolaunchers/.../Setup.exe

http://www.k9pcfixer.com/downloadip_allcs_dcom.asp?utm_source=p9softros&utm_campaign=p9softros_glo7

https://docs.google.com/uc?authuser=0&id=0BwdBcL7qHsemenNfeFdpOFRyZmc&export=download

http://dl-ak.solidworks.com/nonsecure/sw2015/sw2015_sp05.0_f/x64/.../SolidWorksSetup.exe

https://doc-00-2k-docs.googleusercontent.com/docs/securesc/udh570s6qdkhavgdbbtquonkrhiuleup/r11b4r83b4hm2eiqscnvpvjuuep9ickq/1477562400000/13044191860120051435/.../0B9SGvcQ7PcULdUp1NFhLZkh5MkE?e=download

http://www.fraps.com/.../setup.exe

http://mn123.blob.core.windows.net/.../Setup.exe

Scan setup.exe - Powered by Reason Core Security