setup.exe

Paycom Media, S.L.

The application setup.exe by Paycom Media, S.L has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
Paycom Media, S.L.  (signed and verified)

MD5:
e474feda449a11984d623054826ff5c0

SHA-1:
49649cdf57ae84841ea7250ee4cac5f1682daa35

SHA-256:
59307c4623c70cd909d9e1a64bb82a3dc54b1ef177cc7a0d1deea83a6279a145

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/14/2024 6:10:25 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/InstallCore.BA potentially unwanted application
8.0.319.0

F-Prot
W32/InstallCore.N.gen
4.6.5.141

Reason Heuristics
PUP.PaycomMe.Installer (M)
16.7.15.17

File size:
1 MB (1,063,800 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/19/2012 12:00:00 AM

Valid to:
3/19/2013 11:59:59 PM

Subject:
CN="Paycom Media, S.L.", OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Paycom Media, S.L.", L=Madrid, S=Madrid, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2FADC58FEA37F310A0F6E40CECBD0B6A

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:YaXL6RZRvIkzvxFisGq77IgLKz1HCOGBlH17T9J0ztCZdITgOGAFC44D2jqO+7oB:7XL6R1TxFl7kgLKzLgwC44D2mOH

Entry address:
0xCD280

Entry point:
55, 8B, EC, 83, C4, F0, B8, 48, 82, 40, 00, E8, EF, DF, FF, FF, FF, 25, CC, E1, 46, 00, 8B, C0, FF, 25, C8, E1, 46, 00, 8B, C0, FF, 25, C4, E1, 46, 00, 8B, C0, FF, 25, C0, E1, 46, 00, 8B, C0, FF, 25, BC, E1, 46, 00, 8B, C0, FF, 25, B8, E1, 46, 00, 8B, C0, FF, 25, B4, E1, 46, 00, 8B, C0, FF, 25, F4, E1, 46, 00, 8B, C0, FF, 25, B0, E1, 46, 00, 8B, C0, FF, 25, F0, E1, 46, 00, 8B, C0, FF, 25, AC, E1, 46, 00, 8B, C0, FF, 25, A8, E1, 46, 00, 8B, C0, FF, 25, A4, E1, 46, 00, 8B, C0, FF, 25, A0, E1, 46, 00, 8B, C0...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
837.5 KB (857,600 bytes)

Remove setup.exe - Powered by Reason Core Security