home

setup.exe

Tally Update

Tally Solutions Private Limited

Publisher:
Tally Solutions Pvt. Ltd.  (signed by Tally Solutions Private Limited)

Product:
Tally Update

Description:
Tally Update Setup

Version:
1.0.1.0

MD5:
58683f21b8e6c3b5b581972adaf47046

SHA-1:
6843595b7c6acf3d71c7e4ac4eaa04999c159ead

SHA-256:
f8cd4ce8ee9bfc0f5b6d66c1464c7c32f37f4959820873ffb15b65454d871890

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 3:55:38 AM UTC  (today)

File size:
1 MB (1,074,976 bytes)

Product version:
1.0.1.0

Copyright:
© Tally Solutions Pvt. Ltd., 1988-2016

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe.part

Digital Signature
Signed by:
Tally Solutions Private Limited

Authority:
Symantec Corporation

Valid from:
2/18/2016 5:30:00 AM

Valid to:
3/20/2019 5:29:59 AM

Subject:
CN=Tally Solutions Private Limited, OU=RnD, O=Tally Solutions Private Limited, L=Bangalore, S=Karnataka, C=IN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4F966789BA4CE00242D910B210FAE6F4

File PE Metadata
Compilation timestamp:
5/14/2016 7:19:53 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:xQaQ+AdrME7muTE+b2vnS3QcCShFwxKHVNw4kAjzw:lQ+AtMEZh2vnWQZ+UakK

Entry address:
0x2BE90

Entry point:
B8, 88, 51, 66, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 15, 5D, 49, B3, 92, 4B, 38, 08, E6, 5E, 61, 61, 2C, 21, CA, 5C, 7D, 81, 3D, 00, E8, FE, E6, A9, 50, CE, AF, B8, 96, D7, 76, F6, 9A, F8, E7, 93, 21, 2D, 2F, 4F, A0, 7C, C1, 20, 8B, 08, 9E, 69, C5, 86, 34, 9D, 15, 95, 92, 4D, B5, 57, E3, B1, 05, 80, 74, 5A, 31, 51, A0, 87, 80, 32, 65, 13, B5, 98, 6B, 8D, A5, 25, E9, AA, B0, C7, 3C, 7E, F1, CE, 41, 23, C4, 96, DD, F4, 42...
 
[+]

Entropy:
7.9887

Packer / compiler:
PECompact v2

Code size:
1.2 MB (1,266,688 bytes)

The file setup.exe has been seen being distributed by the following 8 URLs.

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Sample remarks&strFileID=244&strRemoteIP=122.173.187.49

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Sample remarks&strFileID=244&strRemoteIP=117.228.98.191

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Sample remarks&strFileID=244&strRemoteIP=43.250.165.53

http://mirror.tallysolutions.com/download_centre/R5.3.7_Gold/.../setup.exe

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Sample remarks&strFileID=244&strRemoteIP=106.219.24.66

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=194&strRemarks=Sample remarks

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Sample remarks&strFileID=244&strRemoteIP=117.203.14.238

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=244&strRemarks=Sample remarks

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.