setup.exe

Topic Bridge

The application setup.exe by Topic Bridge has been detected as a potentially unwanted program by 36 anti-malware scanners. It is a setup and installation application that has been known to bundle potentially unwanted software. According to AVG, this software downloads additional adware offers during setup. The file has been observed being downloaded from files4.downloadnet1184.com.
Publisher:
Accurate Precise Installation (signed by Topic Bridge)

Product:
Accurate Precise Installation

Version:
95.9.6.3023

MD5:
1895e51c4bb3ebd5cfd95674df58f36c

SHA-1:
2ddd65b41df4763b104885ec0667a9f94ba081b2

SHA-256:
ef03502c52e615314fd29ee898b5a118a488f50f51f21345d22d6abe8b7035a8

Scanner detections:
36 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications, using the Vittalia monetization installer.

Analysis date:
11/15/2024 6:19:54 PM UTC

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.15037135
388

Agnitum Outpost
PUA.Downloader
7.1.1

AhnLab V3 Security
PUP/Win32.DownloadAdmin
2015.10.08

Avira AntiVirus
PUA/DownloadAdmin.iks
8.3.2.2

avast!
Win32:DownloadAdmin-AL [PUP]
2014.9-160112

AVG
Downloader.Generic_r
2017.0.2866

Bitdefender
Trojan.Generic.15037135
1.0.20.60

Bkav FE
W32.HfsAdware
1.3.0.7237

Clam AntiVirus
Win.Trojan.Downloadadmin-223
0.98/21166

Comodo Security
Application.Win32.DownloadAdmin.NY
23375

Dr.Web
Trojan.Vittalia.351
9.0.1.012

Emsisoft Anti-Malware
Gen:Variant.Mikey.26650
8.16.01.12.01

ESET NOD32
Win32/DownloadAdmin.N potentially unwanted application
10.7.0.302.0

Fortinet FortiGate
Riskware/DownloAdmin
1/12/2016

F-Prot
W32/DownloAdmin.B.gen
v6.4.7.1.166

F-Secure
Gen:Variant.Mikey.26650
11.2016-12-01_3

G Data
Trojan.Generic.15037135
16.1.25

IKARUS anti.virus
PUA.DownloadAdmin
t3scan.1.9.5.0

K7 AntiVirus
Adware
13.210.17465

Kaspersky
not-a-virus:Downloader.Win32.DownloAdmin
14.0.0.827

Malwarebytes
PUP.Optional.DownLoadAdmin
v2016.01.12.01

McAfee
Program.DownloadAdmin
5600.6522

Microsoft Security Essentials
SoftwareBundler:Win32/Dowadmin
1.1.12300.0

MicroWorld eScan
Trojan.Generic.15037135
17.0.0.36

NANO AntiVirus
Trojan.Win32.DownloAdmin.dvxxaa
0.30.26.3947

nProtect
Trojan.Generic.15037135
15.10.08.01

Panda Antivirus
Generic Suspicious
16.01.12.01

Qihoo 360 Security
Win32/Virus.4d9
1.0.0.1015

Reason Heuristics
PUP.TomorrowSoftware.TopicBridge.Installer (M)
16.1.12.13

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
23.00.65.16110

Sophos
PUA 'Download Admin'
5.22

SUPERAntiSpyware
9390

Trend Micro
TROJ_GEN.R08NC0OI215
10.465.12

Vba32 AntiVirus
SScope.Downware.DownloadAdmin
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
44376

Zillya! Antivirus
Downloader.DownloAdmin.Win32.1455
2.0.0.2434

File size:
758.8 KB (777,048 bytes)

Product version:
95.9.6.3023

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\setup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/30/2015 5:00:00 PM

Valid to:
7/30/2016 4:59:59 PM

Subject:
CN=Topic Bridge, O=Topic Bridge, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5EB8A58601B8FC4D1BBCDB6CE5FB4850

File PE Metadata
Compilation timestamp:
8/14/2014 4:28:30 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:n1L2QwlLPurKSY/hbP4dX8Q0f77T2MDTDD0c7wN1E2Or8znf3QF0fIFk9Wrhh:n1Lsz5/hbPQkj2MDTDD3wN1E/r8b3fw9

Entry address:
0x1EFC70

Entry point:
60, BE, 00, 60, 53, 00, 8D, BE, 00, B0, EC, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 

Entropy:
7.9210

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
744 KB (761,856 bytes)

The file setup.exe has been seen being distributed by the following URL.
