setup.exe

Kreapixel

The application setup.exe by Kreapixel has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from ressource.illyx.com.
Publisher:
Kreapixel  (signed and verified)

Description:
Installeur

Version:
2.6.0.1

MD5:
65d850dc6835beba5d0f3dc97ee33853

SHA-1:
0b7049a664b623024d8a5b19da80f3c12f1188fa

SHA-256:
2d6e6b709db91854d911f9694663f77e9b96b549abd7b52aa40b63816ac777cb

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 2:38:15 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| G Data | Win32.Application.KreaPixWebplayer | 14.2.24 |
| Panda Antivirus | Suspicious file | 14.02.16.02 |
| Reason Heuristics | PUP.Installer.Kreapixel.F | 14.2.16.14 |
| Sophos | Kreapixel | 4.97 |

File size:
798.8 KB (818,000 bytes)

Product version:
3.3.10.2

Copyright:
©1999-2013 Jonathan Bennett & AutoIt Team

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\appdata\local\temp\setup.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
4/28/2013 2:00:00 AM

Valid to:
4/29/2014 1:59:59 AM

Subject:
CN=Kreapixel, OU=24, O=Kreapixel, L=Bergerac, S=Dordogne, C=FR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
73E829C616F33571512B97CC95565619

File PE Metadata
Compilation timestamp:
2/6/2014 6:41:22 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:lXe9PPlowWX0t6mOQwg1Qd15CcYk0We1i3EI1PV82gNiOoH2jDnrOXh2wDVwlhc+:shloDX0XOf4AEma272jHOXh30hfoc

Entry address:
0x14A090

Entry point:
60, BE, 00, 60, 4F, 00, 8D, BE, 00, B0, F0, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 

Code size:
340 KB (348,160 bytes)

The file setup.exe has been seen being distributed by the following URL.
