setup.exe

SDFormatter

TRENDY Co.

This is a self-extracting archive and installer. This is installed with SDFormatter. The file has been seen being downloaded from download.heise.de and multiple other hosts.
Publisher:
SD Association   (signed by TRENDY Co.)

Product:
SDFormatter

Description:
Installer of SD Formatter

Version:
4.0.0

MD5:
f349787511221e3de2de07b9a1c22fe1

SHA-1:
403e7005a33ba632aec245a2dfad2b34079f68f0

SHA-256:
597af9f7c621f1295ee86c59a727b8bc7c20ca3f5caac3c9a1edbec455c0a671

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 3:18:45 PM UTC  (today)

File size:
6.5 MB (6,786,320 bytes)

Product version:
4.0.0

Copyright:
Copyright (C) SD Association

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
4/23/2012 7:00:00 PM

Valid to:
4/24/2013 6:59:59 PM

Subject:
CN=TRENDY Co., OU=Cutting Edge, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TRENDY Co., L=Minato-ku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
432CB9BB3C2E6ACD2E344A7C30F7C996

File PE Metadata
Compilation timestamp:
9/21/2009 11:59:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:QgkOIJ/apIP7PW3kr4cDs0zmUmfUeyx6GYxS0:cPzA74nzmUVTfYn

Entry address:
0x56683

Entry point:
55, 8B, EC, 6A, FF, 68, F8, 7E, 47, 00, 68, 60, 72, 45, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 7C, 61, 47, 00, 33, D2, 8A, D4, 89, 15, 30, 87, 49, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 2C, 87, 49, 00, C1, E1, 08, 03, CA, 89, 0D, 28, 87, 49, 00, C1, E8, 10, A3, 24, 87, 49, 00, 6A, 01, E8, 44, 3E, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C2, 00, 00, 00, 59, E8, D9, 1A, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B1, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
7.9432

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
465.5 KB (476,672 bytes)

The file setup.exe has been discovered within the following program.

SDFormatter  by SD Association
Publisher's description - “This software formats all SD memory cards, SDHC memory cards and SDXC memory cards. SD Formatter provides quick and easy access to the full capabilities of your SD, SDHC and SDXC memory cards.”
www.sdcard.org
About 1% of users remove it
 
Powered by Should I Remove It?

The file setup.exe has been seen being distributed by the following 35 URLs.

http://download.heise.de/software/393ba2261a31c0c72763a0831b9aa7b8/54f65059/.../setup.exe

https://download.heise.de/software/9b4ff51077c409eb2befc0c0e0d2f34e/579e1b88/.../setup.exe

https://download.heise.de/software/e3e4198a5422aea9a96d28999c71395b/5815fcb7/.../setup.exe

http://botland.com.pl/pliki/.../SDFormatter.exe

https://download.heise.de/software/1e1c9ee6b65effad2e899f5a11087787/5824af9e/.../setup.exe

https://download.heise.de/software/3ad611631eabe75d3c26b16f1cd7b7a8/56cd6fa1/.../setup.exe

http://postimage.org/setup.exe

http://www.steamidlemaster.com/.../setup.exe

https://docviewer.yandex.com/source?id=3qhof-8wytfk2aqu9ssrodf7hdl8xy7ev8sck0786uus7r7g69cf9umdyx9ayd0di2unursybk8se6snftugmd6udelfm4tb8moecmyo6&archive-path=//.../setup.exe&ts=15859eaaab0&token=kp09Lyttdc1 EeOhuRulDg==&name=SDFormatterv4.zip

http://ttb.lpdownclsva011.com/download/request/.../dAXAa0iQ?__tc=1412998493.878&lpsl=b696726c7f3c40f168c53f4db0d2249e&expire=1413084882&n=&ClickID=&PubID=54205d316d47cd07e7000001&zt=54205d316d47cd07e7000001&fileName=Setup

http://s5924.chomikuj.pl/File.aspx?e=T2sOrZjSjHM7kDlSt9NZ-Uoo6iY6TU4S0Cn0PbitRtSveuAc6jxenfyd3MoELZK_rBRccqlhp7xkyBPhQXXXUVB7Jvxb2b_G1b8mliQdFgM2LIN5detOpNNTY_CtxVH0p5rk5zhJYhYBGNgR6GxWqQ&pv=2

https://download.heise.de/software/0e1e70bf6dc81f8af4cc203f0042f8e3/56535915/.../setup.exe

https://mega.nz/persistent/.../fYJWCRRI

http://www.chaynikam.net/.../counter.php?book=79

http://www.lpmxp2017.com/.../Setup.exe

temp:setup.exe

Latest 30 of 35 download URLs

Scan setup.exe - Powered by Reason Core Security