home

setup.exe

This is a setup and installation application. The file has been seen being downloaded from www.softwinupdate.com and multiple other hosts.
MD5:
610aaeba51ee2d1571d86f119fbd83a2

SHA-1:
131c4814e07bbb6d17dbed9c1b080a8722980875

SHA-256:
f0a0357a1b186619fb2e709b2aa6ce8a41ad9c38103730318640483560417f69

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/6/2024 8:37:33 AM UTC  (today)

File size:
19.5 KB (19,991 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\setup.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
384:CKsqcNgNHNeaa3ThfrWrTQcdF0Pe7O0cFEn:nsqcuFQaVJF1n

Entry point:
3C, 21, 44, 4F, 43, 54, 59, 50, 45, 20, 68, 74, 6D, 6C, 3E, 0A, 3C, 68, 74, 6D, 6C, 20, 6C, 61, 6E, 67, 3D, 22, 65, 6E, 22, 3E, 0A, 20, 20, 20, 20, 3C, 68, 65, 61, 64, 3E, 0A, 20, 20, 20, 20, 20, 20, 20, 20, 3C, 6D, 65, 74, 61, 20, 63, 68, 61, 72, 73, 65, 74, 3D, 22, 75, 74, 66, 2D, 38, 22, 3E, 0A, 20, 20, 20, 20, 20, 20, 20, 20, 3C, 74, 69, 74, 6C, 65, 3E, 4B, 6F, 6D, 70, 6C, 65, 6B, 73, 6F, 77, 65, 20, 53, 79, 73, 74, 65, 6D, 79, 20, 49, 6E, 66, 6F, 72, 6D, 61, 63, 79, 6A, 6E, 65, 3C, 2F, 74, 69, 74, 6C...
 
[+]

The file setup.exe has been seen being distributed by the following 2 URLs.

http://www.softwinupdate.com/down/flash/.../down.php?sid=237&dv1=ad231-gb&kw1=ad231-gb-san&uuid=8a25981d-f42a-4a86-4e32-b502f1922b52&dv3=8a25981d-f42a-4a86-4e32-b502f1922b52&dv3=8a25981d-f42a-4a86-4e32-b502f1922b52

https://update.blob.core.windows.net/.../Setup.exe

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.