setup.exe

Setup Factory Runtime

Dey yazilim ve internet hizmetleri san. tic. ltd. sti.

The application setup.exe, “Setup Application” by Dey yazilim ve internet hizmetleri san. tic. ltd. sti has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Setup Factory installer.
Product:
Setup Factory Runtime

Description:
Setup Application

Version:
9.1.0.0

MD5:
f62faacca82b3d987bc5a6b886424a69

SHA-1:
474fd818856488cf7620243dc559a7b8c24a335b

SHA-256:
f2d4f0e0728c671a75c5eafb5149c443f6f2ad3b4ff37a71e30a114e4fe27025

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 12:48:41 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Amonitize.Deyyazilimveinternethizmetlerisanticsti.Installer (M)
15.9.20.15

File size:
2.9 MB (3,092,880 bytes)

Product version:
9.1.0.0

Copyright:
Setup Engine Copyright © 2004-2012 Indigo Rose Corporation

Trademarks:
Setup Factory is a trademark of Indigo Rose Corporation.

Original file name:
suf_launch.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/26/2013 2:00:00 AM

Valid to:
2/27/2014 1:59:59 AM

Subject:
CN=Dey yazilim ve internet hizmetleri san. tic. ltd. sti., O=Dey yazilim ve internet hizmetleri san. tic. ltd. sti., STREET=kuloglu mah alyon gecidi sok, STREET=beyoglu, L=istanbul, S=istanbul, PostalCode=34433, C=TR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00AA9B511464EAA0A58485815A3C6628FC

File PE Metadata
Compilation timestamp:
6/14/2012 7:16:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:iShySkASzCNzcvi57bxUxw2d6uIccslz5B8GL6B87Zv+Lxb3MtVKGLJ:pqBQzcahitd6uxc6z5KGL6B87Zwb8tVV

Entry address:
0x29E1

Entry point:
E8, A6, 1D, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 56, 57, 33, F6, BF, C8, AB, 40, 00, 83, 3C, F5, 54, A0, 40, 00, 01, 75, 1D, 8D, 04, F5, 50, A0, 40, 00, 89, 38, 68, A0, 0F, 00, 00, FF, 30, 83, C7, 18, FF, 15, C0, 70, 40, 00, 85, C0, 74, 0C, 46, 83, FE, 24, 7C, D3, 33, C0, 40, 5F, 5E, C3, 83, 24, F5, 50, A0, 40, 00, 00, 33, C0, EB, F1, 8B, FF, 53, 8B, 1D, C4, 70, 40, 00, 56, BE, 50, A0, 40, 00, 57, 8B, 3E, 85, FF, 74, 13, 83, 7E, 04, 01, 74, 0D, 57, FF, D3, 57, E8, 18, FD, FF, FF, 83, 26, 00, 59, 83, C6, 08...
 
[+]

Code size:
22 KB (22,528 bytes)

Remove setup.exe - Powered by Reason Core Security