Setup.exe
flash setup
OOO Kod Intertainment
The file Setup.exe by OOO Kod Intertainment has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It uses the InstallCore engine, which may bundle additional software offers including toolbars and browser extensions. This downloadable file is typically blocked through Google's Safe Browsing technology in the Chrome web browser. The file has been seen being downloaded from liveupgrade.soft2update.xyz and multiple other hosts.
MD5:
d5f800fdfc775656c5d7e186893bc343
SHA-1:
074de8c318e2423537da95692ace94c54b4b9479
Scanner detections:
1 / 68
Status:
Potentially unwanted
Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.
Analysis date:
12/27/2024 9:29:30 PM UTC (today)
Scan engine:
Reason Heuristics
Detection:
PUP.InstallCore.OOOKodIn.Installer (M)
Engine version:
16.5.3.20
File size:
396.5 KB (405,992 bytes)
Copyright:
Copyright © 2016
Original file name:
Flash.exe
Language:
Language Neutral
Common path:
C:\users\{user}\downloads\setup.exe
Authority:
COMODO CA Limited
Valid from:
5/20/2015 1:00:00 AM
Valid to:
5/20/2016 12:59:59 AM
Subject:
CN=OOO Kod Intertainment, OU=Application Pool Update, O=OOO Kod Intertainment, STREET="per. Sukharevski M., d. 9 str. 1 of. 36", L=Moscow, S=Moscow, PostalCode=127051, C=RU
Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Serial number:
7A6FDC0F2D8E213EC782BFD34D9EE9D4
The file Setup.exe has been seen being distributed by the following 3 URLs.
http://liveupgrade.soft2update.xyz/dl.php?ytrfd=ziAO19GAzwFFVrTTapxzrA3R7E2nYKVRgrpThs1uwBo.&cid=1076e361a05b4abb8477400af2338f1e-7570&sub=1071&conversion_id=14623080987618&app_id=4&lp_id=1614&v=tribat&stub_id=305&v_id=N3LIYLodG8bMjdmEiNHu0bOGQVKspEC4R5Ey5hM5MtQ.&lpp=No match