setup.exe

Long Mile Solutions, LLC

The software will display additional offers (such as adware) during installation including a browser toolbar/extension as well as advertising injection software (part of the Injekt brand). The application setup.exe by Long Mile Solutions has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from dl.spyalertapp.com.
Publisher:
Long Mile Solutions, LLC  (signed and verified)

MD5:
471f2f8ac4e81c48bd58d69e9a4da312

SHA-1:
0ac96079f70d450a3e3d74fc910e48599c268854

SHA-256:
3a807fd94d057d4c4ce2e9f3f34707f7cec42a4dcc52100ff73409e8fe39a67d

Scanner detections:
19 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser as well as alters the browsers settings (home page, search, DNS, and security protocols).

Analysis date:
11/30/2024 11:38:21 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.PullUpdate
7.1.1

Avira AntiVirus
ADWARE/Adware.Gen
7.11.207.154

avast!
Win32:Adware-gen [Adw]
2014.9-150225

AVG
Downloader
2016.0.3187

Baidu Antivirus
Adware.MSIL.PullUpdate
4.0.3.15225

Comodo Security
ApplicUnwnt
20975

Dr.Web
Adware.Yontoo.55
9.0.1.056

ESET NOD32
MSIL/Adware.PullUpdate
9.11130

Fortinet FortiGate
Adware/PullUpdate
2/25/2015

K7 AntiVirus
Adware
13.193.14880

Malwarebytes
PUP.Optional.SpyAlert.A
v2015.02.25.10

McAfee
Artemis!471F2F8AC4E8
5600.6843

NANO AntiVirus
Riskware.Win32.PullUpdate.dhdygj
0.30.0.65070

Reason Heuristics
PUP.Installer.Injekt
15.2.25.22

Rising Antivirus
PE:Trojan.Win32.Generic.1772E2F1!393405169
23.00.65.15223

Sophos
Generic PUA PJ
4.98

Trend Micro House Call
TROJ_GEN.R002C0OA315
7.2.56

Trend Micro
TROJ_GEN.R002C0OA315
10.465.25

VIPRE Antivirus
Injekt
37290

File size:
3.8 MB (4,013,392 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/20/2014 2:00:00 AM

Valid to:
5/21/2015 1:59:59 AM

Subject:
CN="Long Mile Solutions, LLC", O="Long Mile Solutions, LLC", L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6015F7C4F3F065B548DA2303F218785D

File PE Metadata
Compilation timestamp:
6/6/2009 11:41:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:upmm6f6lrZU0DRjkj+YpOahu7XWDXCWHYzTTzmm6f6lR:upJi6tZU0DRkj9pOahLDX4TTzJi6/

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file setup.exe has been seen being distributed by the following URL.

Remove setup.exe - Powered by Reason Core Security