» setup.exe
Overview
Analysis
File Details
Downloads (17)

setup.exe

Tally Update

Tally Solutions Private Limited

This is a self-extracting archive and installer. The file has been seen being downloaded from mirror.tallysolutions.com and multiple other hosts.

File name:

setup.exe

Publisher:

Tally Solutions Pvt. Ltd. (signed by Tally Solutions Private Limited)

Product:

Tally Update

Description:

Tally Update Setup

Version:

1.0.1.0

MD5:

3fc4afe39991199f613bf3f380bae3a0

SHA-1:

5987bf3136fbe8f41878a55cd04801ad82cf49d7

SHA-256:

7ce83ea4046a1ac1ba3eeaa7a5a256cdf6e33984158d6dbea18a20d9b12461d9

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/25/2024 7:55:50 AM UTC (today)

File size:

1 MB (1,074,968 bytes)

Product version:

1.0.1.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\setup.exe

Digital Signature

Signed by:

Tally Solutions Private Limited

Authority:

Symantec Corporation

Valid from:

2/18/2016 5:30:00 AM

Valid to:

3/20/2019 5:29:59 AM

Subject:

CN=Tally Solutions Private Limited, OU=RnD, O=Tally Solutions Private Limited, L=Bangalore, S=Karnataka, C=IN

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

4F966789BA4CE00242D910B210FAE6F4

File PE Metadata

Compilation timestamp:

5/31/2016 12:21:24 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:rPYwg48wwEgH1NiVBnGPSSRyCNRhRxxsY1GL4YWxpVJXVvDG/:7YwswwEiNiVBnG6IyC5psX4tpV/

Entry address:

0x2BE90

Entry point:

B8, 88, 51, 66, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, B2, BC, B2, 0D, 22, CE, 99, E4, 42, 51, 44, CB, 04, 2F, 69, 54, CF, 5F, 1A, B8, 85, C0, C8, 06, 20, E0, D3, 64, D3, C5, 03, 15, C6, A0, 9F, 7A, F2, D3, 54, 39, EA, A7, 2D, E2, 0C, AF, 22, 49, 8B, 5C, F0, 12, 2F, C6, 10, 1C, AF, A1, 5B, D6, F6, FE, F7, C4, 8B, 98, 1F, 82, 19, E0, 39, 77, D8, BA, EA, 75, FD, 55, 57, A6, FA, DD, A9, E2, EF, 65, 32, F9, D9, B3, 7B, 46, 03... 
[+]

Entropy:

7.9888

Packer / compiler:

PECompact v2

Code size:

1.2 MB (1,266,688 bytes)

The file setup.exe has been seen being distributed by the following 17 URLs.

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=117.232.210.140

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=114.143.74.137

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=103.16.29.14

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=116.203.77.35

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=232&strRemarks=Sample remarks

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=122.167.15.44

http://ms-word-file-size-reduce-software.software.informer.com/.../

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=242&strRemarks=Offline Installer

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=61.0.15.82

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=43.250.252.156

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=183.87.20.236

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=122.180.229.42

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=117.199.128.5

http://c9426epi1gr12uaqy0sh47t61z.hop.clickbank.net/?tu=download&tid=yubw3d77257203aa298e

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.8_Gold/.../&strRemarks=Sample remarks&strFileID=251&strRemoteIP=112.133.232.5

http://mirror.tallysolutions.com/download_centre/R5.3.8_Gold/.../setup.exe

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=251&strRemarks=Sample remarks

Scan setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.