home

setup.exe

This is a self-extracting archive and installer. The file has been seen being downloaded from www.tallysolutions.com.
MD5:
1cc78ce318a3d9324122bbbe36b6042e

SHA-1:
42cf24a4fba3e2eec520c94486ac0cae15ec0f56

SHA-256:
fa106cccf635ee3ed594b3e1cd6fc5d00052d08845150a8404ed17302f3a72ee

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 3:34:56 AM UTC  (today)

File size:
1 MB (1,054,032 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup.exe

File PE Metadata
Compilation timestamp:
4/19/2016 3:00:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:KKlNoq616hV3XYy9flKPcdcpJXsmOn0VnvShDQ/YQ3ILmroz6EijY:noqA6PnDtKPcdiC0VvS1g5Hro2EijY

Entry address:
0x2BEC0

Entry point:
B8, 10, 62, 27, 04, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 83, 89, A2, CE, 09, 8A, C8, 7A, 56, E0, CB, 0E, 1F, 33, 5E, 16, 70, FD, 54, 57, 33, F1, 18, 86, D1, AC, 5C, BE, 24, 06, 24, A4, 32, FB, 9F, 8D, 82, 7A, F3, 70, BC, C9, 95, 69, 0C, F6, AF, E2, A9, 3A, 06, 5B, 24, 35, C6, E5, A9, 9A, 08, 44, 14, 70, 28, 07, 31, 4C, EC, 67, 9B, 95, 5A, 47, 90, 82, 09, 3F, 84, 76, A9, 0F, F6, E1, F5, B5, F8, BB, E9, 75, 25, 74, C9, 94, 0D...
 
[+]

Entropy:
7.9997

Packer / compiler:
PECompact v2

Code size:
1.2 MB (1,266,176 bytes)

The file setup.exe has been seen being distributed by the following URL.

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=227&strRemarks=Sample remarks

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.