Setup.exe

Norman System Speedup

360Amigo Oy

The application Setup.exe by 360Amigo Oy has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is the uninstaller utility registered in the Windows Control Panel for the program Norman System Speedup by Norman System Speedup. The file has been seen being downloaded from download01.norman.no.
Publisher:
Norman (signed by 360Amigo Oy)

Product:
Norman System Speedup

Version:
1.2.1.8600

MD5:
c93f2989a39fe5c3bf35da421de5258a

SHA-1:
4a9c83fc470288b6512700407ba0a1d834b309c6

SHA-256:
8f3e912df8c608b72e80b87458bb0157c5f950a168bf37238f97e36fb053cbb3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:37:25 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.Installer.F

Engine version:
14.5.19.4

File size:
7.9 MB (8,281,376 bytes)

Product version:
1.2.1.8200

Copyright:
Copyright 2013 by Norman

Trademarks:
Norman System Speedup

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/3/2013 8:00:00 AM

Valid to:
9/4/2015 7:59:59 AM

Subject:
CN=360Amigo Oy, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=360Amigo Oy, L=Helsinki, S=Helsinki, C=FI

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
35C515369591740AE854DEA6356AFF39

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:QdGIGgHlpP1I6IWynpFprJkx7BBCYmNL9Qi6uSYfUffzoAr/ceTMtY:Q0qvAWytJS1k5srfzoS/cw

Entry address:
0x131544

Entry point:
55, 8B, EC, B9, 09, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, 54, 11, 53, 00, E8, BF, 52, ED, FF, 33, C0, 55, 68, 60, 1A, 53, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, AA, 15, 53, 00, 64, FF, 32, 64, 89, 22, E8, C2, 5F, F6, FF, 83, F8, 05, 7F, 19, 8B, 0D, 94, 55, 53, 00, 8B, 09, B2, 01, A1, 58, 7C, 40, 00, E8, E1, BC, ED, FF, E8, 58, 26, ED, FF, 33, C0, 5A, 59, 59, 64, 89, 10, EB, 23, E9, 89, 24, ED, FF, 01, 00, 00, 00, 58, 7C, 40, 00, BB, 15, 53, 00, 8B, 40, 04, E8, 81, 65, F6, FF, E8...
 

Entropy:
6.7377

Developed / compiled with:
Microsoft Visual C++

Code size:
1.2 MB (1,248,256 bytes)

Program Uninstaller
Program name:
Norman System Speedup

Display publisher:
Norman System Speedup

Display version:
1.2.1.8600

Uninstall string:
C:\Program files\NormanSpeedup\Uninstall.exe /REMOVE


The file Setup.exe has been seen being distributed by the following URL.
