home

Setup.exe

Norton Security Scan

Symantec Corporation

This is a setup and installation application. The file has been seen being downloaded from liveupdate.symantecliveupdate.com.
Publisher:
Symantec Corporation  (signed and verified)

Product:
Norton Security Scan

Version:
2.3.0.44

MD5:
079b35eb54ae361ab137ce4f807e39be

SHA-1:
7fa874304bfcbcd80fe5aa1cfc1f576b14cc3e66

SHA-256:
18b003b03ba5b73ff1a9fd459bebffcc5ddc968745e1515801b780aafd45f34b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:36:46 AM UTC  (today)

File size:
6.1 MB (6,421,000 bytes)

Product version:
2.3.0.44

Copyright:
Copyright (c) 1997-2009 Symantec Corporation

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\setup.exe

Digital Signature
Signed by:
Symantec Corporation

Authority:
VeriSign, Inc.

Valid from:
10/30/2007 8:00:00 PM

Valid to:
11/24/2010 6:59:59 PM

Subject:
CN=Symantec Corporation, OU=Symantec Research Labs, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Symantec Corporation, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
758F5EE8263B6694719D8434EB998608

File PE Metadata
Compilation timestamp:
3/11/2009 11:52:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:H2fJs2sJ6Dt54PPuvEHTowahuPNZt0Lz4Ir:WhsR6DX4PPcEzoit0f

Entry address:
0x57D3B

Entry point:
E8, F3, 7A, 00, 00, E9, 17, FE, FF, FF, 6A, 08, B8, 53, 83, 46, 00, E8, 7D, 0D, 00, 00, FF, 75, 08, 83, 65, FC, 00, E8, 3A, D8, FF, FF, 59, 89, 45, EC, 8B, 45, EC, E8, 0A, 0E, 00, 00, C3, 83, 65, EC, 00, B8, 61, 7D, 45, 00, C3, 55, 8B, EC, 83, EC, 0C, A1, 70, D0, 48, 00, 33, C5, 89, 45, FC, 56, 33, F6, 3B, DE, 57, 75, 1E, E8, 66, 1C, 00, 00, 6A, 16, 5F, 56, 56, 56, 56, 56, 89, 38, E8, C3, D7, FF, FF, 83, C4, 14, 8B, C7, E9, 40, 01, 00, 00, FF, 75, 08, 53, E8, DA, 19, 00, 00, 3B, 45, 08, 59, 59, 72, 05, 66...
 
[+]

Entropy:
7.9585  (probably packed)

Code size:
430.5 KB (440,832 bytes)

The file Setup.exe has been seen being distributed by the following URL.

http://liveupdate.symantecliveupdate.com/upgrade/NSS/Default/.../Setup.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.