home

Setup.exe

Club Cooee Installer

cooee GmbH

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from pt.clubcooee.com and multiple other hosts.
Publisher:
cooee GmbH  (signed and verified)

Product:
Club Cooee Installer

Version:
1.7.22.0

MD5:
661bb8151032697b4fb8f48efa2ea5a5

SHA-1:
4bb2e9d060d6aa81b066c00308ac0c21a26c190c

SHA-256:
3e9d9417d9a35e735c20d51bda2c7c6ac4eab396ed0b84be287919786b0259e5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
9/21/2024 4:37:25 AM UTC  (today)

File size:
27.2 MB (28,508,136 bytes)

Product version:
1.7.22.0

Copyright:
(c) cooee GmbH

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
cooee GmbH

Authority:
VeriSign, Inc.

Valid from:
7/17/2014 8:00:00 PM

Valid to:
8/16/2016 7:59:59 PM

Subject:
CN=cooee GmbH, O=cooee GmbH, L=Kaiserslautern, S=Rheinland-Pfalz, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3C4B79869BC71867254F7FC0991CD277

File PE Metadata
Compilation timestamp:
2/24/2012 2:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
786432:X/vYPG0e8D8tYDIkGDx+W8hw1SCjBZNamIdh3HM:X/wPk8uY8tDJ71S2t5kVs

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Entropy:
7.9999

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

The file Setup.exe has been seen being distributed by the following 5 URLs.

https://pt.clubcooee.com/.../setupwin

http://de.clubcooee.com/.../setupwin

http://fr.clubcooee.com/.../setupwin

http://pt.clubcooee.com/.../setupwin

http://en.clubcooee.com/.../setupwin

Scan Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.