setup.exe

The program is a setup application that uses the Nullsoft Scriptable Install System installer. The file has been seen being downloaded from get.ddllpmedia.info.
MD5:
0bd99fb3b6363142ef52acd3566f7931

SHA-1:
3a4cd4a7a2e363caf18f3a7d98828b6d6235979a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 4:11:33 PM UTC  (today)

File size:
639.4 KB (654,784 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\My documents\downloads\setup.exe

File PE Metadata
Compilation timestamp:
12/6/2009 5:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:Ob4VEhgLWODz6tgS9n75UOYjG+I8uzO0e0FvZk:ObJhcU5UOuI8uTl2

Entry address:
0x30FA

Entry point:
60, 2B, EE, 85, C3, EB, 01, E3, 80, CA, 31, 6A, 00, FF, 15, 0C, 71, 40, 00, 29, C8, 89, CB, 23, CF, 89, EE, E8, 00, 00, 00, 00, BA, DC, AA, 21, 04, 80, EE, 85, F2, 1C, 13, 81, C2, 23, 5A, B5, A4, 86, D5, 0F, B7, CF, 69, FE, AD, BC, 8F, 16, 81, F2, 5C, AF, B6, A1, 0F, A5, C1, 0F, C1, F1, 8A, E2, 5B, 81, C3, FF, 5B, 00, 00, 8A, D0, 0F, C9, 47, 81, C3, E7, 12, 03, 00, 81, D1, 64, 97, FE, C9, 0F, BE, C6, 0F, C9, 53, 81, C3, FC, 09, 00, 00, F7, D1, 0F, CF, 89, E9, 81, C3, 63, 0E, 00, 00, 0F, BA, FF, C4, 89, E9...
 
[+]

Entropy:
7.9782  (probably packed)

Code size:
23.5 KB (24,064 bytes)

The file setup.exe has been seen being distributed by the following URL.

Scan setup.exe - Powered by Reason Core Security