setup.exe

Digital Plugin SL

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application setup.exe by Digital Plugin SL has been detected as adware by 25 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from www.lpmxp2037.com.
Publisher:
Digital Plugin SL  (signed and verified)

MD5:
b1386fc89839148ff3e84b785e06fbfa

SHA-1:
1622186acc573470a576397ce2fa2ec11f434f42

SHA-256:
992f48b46d4441f89b14e8e680b3baeae45c10415283f48e39b19c8126f43d0e

Scanner detections:
25 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/29/2024 2:19:14 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.AA
903

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.DomaIQ
2014.08.16

Avira AntiVirus
TR/Dropper.Gen
7.11.30.172

avast!
Win32:SoftPulse-S [PUP]
140813-1

AVG
Generic
2015.0.3381

Bitdefender
Application.Bundler.AA
1.0.20.1140

Comodo Security
Application.Win32.SoftPulse.E
19199

Dr.Web
Trojan.Packed.28257
9.0.1.05190

Emsisoft Anti-Malware
Application.Bundler.AA
9.0.0.4324

ESET NOD32
Win32/SoftPulse.H potentially unwanted application
7.0.302.0

F-Prot
W32/A-7d19a24c
v6.4.7.1.166

F-Secure
Application.Bundler.AA
11.2014-16-08_7

G Data
Application.Bundler.AA
14.8.24

IKARUS anti.virus
PUA.DigiPlug
t3scan.1.7.5.0

K7 AntiVirus
Unwanted-Program
13.183.13054

Malwarebytes
PUP.Optional.DomaIQ
v2014.08.16.03

McAfee
SoftPulse
5600.7037

MicroWorld eScan
Application.Bundler.AA
15.0.0.684

NANO AntiVirus
Trojan.Win32.Softpulse.dcouet
0.28.2.61519

Panda Antivirus
Trj/Genetic.gen
14.08.16.03

Reason Heuristics
PUP.Installer.DigitalPluginSL.F
14.8.16.2

Sophos
SoftPulse
4.98

Vba32 AntiVirus
Trojan.Buzus
3.12.26.3

VIPRE Antivirus
Threat.4150696
32210

File size:
1.3 MB (1,385,128 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softpulse SoftwareBundler

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/25/2014 5:00:00 PM

Valid to:
5/26/2015 4:59:59 PM

Subject:
CN=Digital Plugin SL, O=Digital Plugin SL, L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6B59702469CAA1B8F0FE3A86D94D6266

File PE Metadata
Compilation timestamp:
7/17/2014 6:22:07 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:h3YD8/uAvukLLfGYudfVHlG6EvJ72DgiB8mdtBA1FYTtkUnO3lOeb:zhzPYlJlG1vJ720iBXzT6F3lOG

Entry address:
0x6736

Entry point:
E8, 74, 43, 00, 00, E9, 7F, FE, FF, FF, E9, B5, 13, 00, 00, FF, 35, B0, 2E, 47, 00, FF, 15, E4, 40, 41, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 6B, 3B, 00, 00, 6A, 01, 6A, 00, E8, 82, 48, 00, 00, 83, C4, 0C, E9, 99, 48, 00, 00, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, D9, 48, 00, 00, 59, 85, C0, 74, 0F, FF, 75, 08, E8, A6, 13, 00, 00, 59, 85, C0, 74, E6, C9, C3, 6A, 01, 8D, 45, FC, 50, 8D, 4D, F0, C7, 45, FC, 44, 9D, 46, 00, E8, A8, 2F, 00, 00, 68, 4C, F7, 46, 00, 8D, 45, F0, 50, C7, 45, F0, 3C, 9D...
 
[+]

Entropy:
7.5805

Code size:
74.5 KB (76,288 bytes)

The file setup.exe has been seen being distributed by the following URL.

Remove setup.exe - Powered by Reason Core Security