Setup.exe

O S U

Hudson Exchange Group, LLC

The file Setup.exe, “Open Software Updater” by Hudson Exchange Group, has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This downloadable file is typically blocked through Google's Safe Browsing technology in the Chrome web browser.
Publisher:
Hudson Exchange Group, LLC  (signed and verified)

Product:
O S U

Description:
Open Software Updater

Version:
3.1.0.0

MD5:
b09fb0c704a08857eb13c46865f4cf60

SHA-1:
80112cfb60e275d96d0ca7dfc8c3018216320e4f

SHA-256:
39d23683d4f780118bf46822c1d5ccf9dd1c02d15641fc240ec6e995cfce3f96

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/23/2024 10:55:01 AM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.11.25.6

File size:
542.6 KB (555,640 bytes)

Copyright:
Copyright 2015

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
2/10/2015 7:00:00 PM

Valid to:
10/31/2016 7:59:59 PM

Subject:
CN="Hudson Exchange Group, LLC", O="Hudson Exchange Group, LLC", L=Woodcliff Lake, S=New Jersey, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
5B78F4208F4D587B6FA9A6AF8EC8FD12

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:OlYypvWWG4n2q8JlduA/XYhRF4y0XRpqFUsWq36ox1:OayRG4nH8JlNORCNLqF4i6ox

Entry address:
0x323C

Entry point:
54, EC, 68, 28, A3, F9, 0A, 62, A9, D1, 75, ED, 66, AE, E9, 9A, 06, 74, 2A, AB, 38, 66, CC, CB, C4, 3C, CD, 2A, 65, 45, F7, A3, B5, 52, 94, 0C, B6, 04, E2, B7, 10, 4C, 85, 0B, 46, 94, D9, 3F, 34, DF, 13, 29, A8, 6A, 20, 00, 0A, 13, F7, B5, 18, 19, 99, 96, 9B, 25, CD, CF, 97, D9, 51, 50, 86, 85, 3D, 90, 91, CC, 6D, 83, 24, 47, 54, AC, 3A, 53, 5E, 82, 44, 55, F5, B6, E3, 87, 41, 80, 0D, 66, 81, CA, F2, 7B, FF, 00, 18, 76, FD, 3E, AA, 7C, CB, D4, 9C, B5, 16, AA, E8, 57, 29, 8F, D7, 1B, 16, 1E, 28, B1, 63, CB...
 

Entropy:
7.9245  (probably packed)

Code size:
23 KB (23,552 bytes)
