setup.exe

The executable setup.exe has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from www.youtube.com and multiple other hosts.
MD5:
4215c0d13524109d0246338132437d08

SHA-1:
4ff73cf834b57e9ba59ef7a8dd4ce35f9dee6398

SHA-256:
602353c4739ef5ef48fd495610770098a7b973d5acca81209528cda3e833af3d

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/24/2024 5:04:02 PM UTC

Scan engine:
Reason Heuristics

Detection:
Threat.Win.Reputation.IMP

Engine version:
16.2.19.1

File size:
152.1 KB (155,722 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup.exe

File PE Metadata
Compilation timestamp:
2/18/2015 5:59:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:FR5huAWW9p8Deb52YTlU06GBddbX1+ZYVwF:FR59Wep8qU4T6GBL1EYCF

Entry address:
0x42F6

Entry point:
55, 8B, EC, 6A, FF, E9, 74, E9, FF, FF, 8B, 45, EC, 50, E8, 19, CE, FF, FF, C3, B8, 70, AD, 40, 00, E9, 24, EB, FF, FF, 8B, 4D, F0, E8, B4, E7, FF, FF, C3, 8B, 4D, F0, 81, C1, 88, 00, 00, 00, E8, 9F, E7, FF, FF, C3, 68, 8C, 29, 40, 00, 68, E8, 03, 00, 00, 6A, 04, 8B, 45, F0, 05, 78, 10, 00, 00, 50, E8, FA, EA, FF, FF, C3, 68, 8C, 29, 40, 00, 68, 40, 42, 0F, 00, 6A, 04, 8B, 45, F0, 05, 1C, 20, 00, 00, 50, E8, DF, EA, FF, FF, C3, 68, 8C, 29, 40, 00, 68, 40, 42, 0F, 00, 6A, 04, 8B, 45, F0, 05, 68, 48, 3D, 00...
 

Entropy:
6.6012

Developed / compiled with:
Microsoft Visual C++

Code size:
36 KB (36,864 bytes)

The file setup.exe has been seen being distributed by the following 5 URLs.

http://www.youtube.com/setup.exe
