setup.exe

The application setup.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from files.airdwnlas.com.
MD5:
248864e9209d1c82a901077267efa35a

SHA-1:
1a2d57208d03e17b2d99392ce50f77eb987f4a08

SHA-256:
f014660c6fdc73050c6b84cc664686bef462e6825cdcb847d66f7a6e97e21f9e

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 2:50:03 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Adware-BZI [PUP]
160708-3

Emsisoft Anti-Malware
Gen:Variant.Adware.Kazy.519742
16.07.15

Norman
Gen:Variant.Adware.Kazy.519742
28.05.2016 15:32:18

Reason Heuristics
Adware.Generic.AT (M)
16.7.15.5

File size:
906 KB (927,716 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup.exe

File PE Metadata
Compilation timestamp:
8/22/2014 3:57:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:0C70G5seguPAIvosuHWiCxGRp2k+KQsM57:0C7INBIs/sGNQsMx

Entry address:
0x29F2B0

Entry point:
00, 00, 01, 00, 09, 04, 00, 00, 70, 02, 00, 00, EC, 19, 2A, 00, 34, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 09, 04, 00, 00, 98, 02, 00, 00, 24, 1B, 2A, 00, 34, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 09, 04, 00, 00, C0, 02, 00, 00, 5C, 1C, 2A, 00, 34, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 09, 04, 00, 00...
 
[+]

Code size:
844 KB (864,256 bytes)

The file setup.exe has been seen being distributed by the following URL.

Remove setup.exe - Powered by Reason Core Security