setup.exe

The application setup.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. It is a self-extracting archive and installer; however, the file is not signed with an Authenticode signature from a trusted source. The program installs potentially unwanted software on your PC alongside the software you are trying to install, without adequate consent. The file has been seen being downloaded from ttb.lpmxp2188.com.
MD5: f647b103d1d243896a2c8afce94ed98d
SHA-1: 5fbb2e21ca9a21110fdf04995d3835c0eabd6d0a
SHA-256: 4f88f782845b4c6acc50966f71a643494510f7d1717853fb686f135b70c6adc0
Scanner detections: 4 / 68
Status: Potentially unwanted
Analysis date: 11/24/2024 11:30:20 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:GenMalicious-ADB [PUP] | 160518-2 |
| AVG | Adware AdPlugin.GEZ | 2015.0.4604 |
| Dr.Web | Trojan.DownLoader11.34807 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Application.Bundler.ED | 16.07.06 |

File size: 1.3 MB (1,365,588 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\downloads\setup.exe

File PE Metadata
Compilation timestamp: 9/23/2014 2:52:03 PM
OS version: 5.1
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 11.0
CTPH (ssdeep): 24576:TGjJKtAXaMb5YpCCNAfGU64giomYhXlZwVBhVS+JbIHICWKotTn+8Z:TGNKpbmfLRgioDXz+BhA3SvVnD
Entry address: 0x6D2E

Entry point:
E8, 26, 40, 00, 00, E9, 7F, FE, FF, FF, E9, 3C, 02, 00, 00, FF, 35, 78, 4C, 46, 00, FF, 15, 6C, 50, 41, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 1D, 38, 00, 00, 6A, 01, 6A, 00, E8, C6, 46, 00, 00, 83, C4, 0C, E9, DD, 46, 00, 00, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, E8, 5F, 47, 00, 00, C7, 06, 30, B7, 45, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, 30, B7, 45, 00, E9, 6A, 47, 00, 00, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, 24, 48, 00, 00, 59, 85, C0, 74, 0F, FF, 75, 08, E8, 07, 02, 00, 00, 59, 85, C0, 74...

Code size: 78.5 KB (80,384 bytes)

The file setup.exe has been seen being distributed by the following URL.
