home

Setup.exe

ODM

DisplayTime Software Inc.

The file Setup.exe, “Open Downloader Manager” by DisplayTime Software has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Nullsoft Scriptable Install System installer. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser.
Publisher:
InstallerTech Corp  (signed by DisplayTime Software Inc.)

Product:
ODM

Description:
Open Downloader Manager

Version:
3.0.0.0

MD5:
3e66863337f83f2b124f881498663bce

SHA-1:
709794a2378c1dfe7d89dca63541865f757de245

SHA-256:
9721643e40634473d49ff9ee4531e29f9132052ac3c14545173fe59ae18432cb

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 5:29:57 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Installer (M)
16.11.1.10

File size:
447.5 KB (458,272 bytes)

Copyright:
(c) InstallerTech Corp. 2015

Installer:
Nullsoft Scriptable Install System

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
DisplayTime Software Inc.

Authority:
Symantec Corporation

Valid from:
3/28/2015 7:00:00 PM

Valid to:
3/28/2016 6:59:59 PM

Subject:
CN=DisplayTime Software Inc., O=DisplayTime Software Inc., L=Dover, S=Delaware, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
228497A322D9856469F6265504405920

File PE Metadata
Compilation timestamp:
12/5/2009 4:50:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:4SCOykx3Pso1twMaJ9s+3XYO8j3flXQNjAX:dJbxkok9sfHzfZQG

Entry address:
0x30CB

Entry point:
FF, 51, 25, 45, FF, 4E, 1F, 41, FF, 4F, 1F, 42, FF, 54, 22, 47, FF, 60, 29, 51, FF, 66, 2C, 56, FF, 6D, 2C, 5B, FF, 75, 2E, 60, FF, 7E, 30, 67, FF, 85, 33, 70, FF, 89, 36, 7E, FF, 90, 39, 87, FF, 97, 3C, 8D, FF, A2, 40, 8F, FF, A8, 42, 93, FF, AC, 44, 99, FF, AF, 45, A1, FF, AF, 46, A9, FF, AD, 46, B0, FF, A5, 46, B5, FF, 9C, 45, B7, FF, 92, 43, B9, FF, 86, 40, BA, FF, 7C, 3E, B9, FF, 72, 3C, B7, FF, 68, 38, B4, FF, 60, 36, B2, FF, 58, 34, AE, FF, 50, 30, AB, FF, 4B, 2E, A7, FF, 46, 2D, A1, FF, 44, 2D, 9B...
 
[+]

Entropy:
7.9223  (probably packed)

Code size:
22.5 KB (23,040 bytes)

Remove Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.