home

setup.exe

Install

Fireside Software SRL

Publisher:
Microsoft  (signed by Fireside Software SRL)

Product:
Install

Version:
1.0.0.0

MD5:
7d698c3dd8ecf99acc2f98ae75c357d6

SHA-1:
720a44119b4b6a4f14e6188d55f4f6710f138d9b

SHA-256:
c6f9d259e4cacf9b180a0cff03be7d644e5fed25e1c7a1768264abd1ae6a5394

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
1/15/2025 4:30:12 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.Yontoo.5445
9.0.1.066

K7 AntiVirus
Adware
13.10.3.22587

File size:
5.2 MB (5,480,384 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Microsoft 2015

Original file name:
Install.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

Digital Signature
Signed by:
Fireside Software SRL

Authority:
Symantec Corporation

Valid from:
6/16/2015 5:00:00 PM

Valid to:
6/16/2016 4:59:59 PM

Subject:
CN=Fireside Software SRL, O=Fireside Software SRL, L=St. Michael, S=St. Michael, C=BB

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2B948C51F62A24FA89EDCBD1455D8931

File PE Metadata
Compilation timestamp:
1/4/2016 2:11:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x51DF5E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.8855

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
5.1 MB (5,357,568 bytes)

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.