home

Setup.exe

Downloader

Aeria Games and Entertainment

This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from download.aeriagames.com.
Publisher:
Aeria Games & Entertainment  (signed by Aeria Games and Entertainment)

Product:
Downloader

Version:
2,1,0,0

MD5:
9f9dec0df1ac538ddfdeec8f96311efc

SHA-1:
85de062ceaed65d15e25456d2f98762dee7a7676

SHA-256:
6d9e4900c6599e18b92e75670052554ef439585f8117ff57483d2d18a132697b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/25/2025 8:07:12 AM UTC  (today)

File size:
545.1 KB (558,176 bytes)

Product version:
2,1,1783,0

Copyright:
© 2012 Aeria Games & Entertainment, Inc.

Original file name:
Downloader.exe

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
Aeria Games and Entertainment

Authority:
Thawte, Inc.

Valid from:
1/24/2012 7:00:00 PM

Valid to:
1/24/2014 6:59:59 PM

Subject:
CN=Aeria Games and Entertainment, O=Aeria Games and Entertainment, L=Santa Clara, S=California, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1A25B9207D56560561E712462DE87F87

File PE Metadata
Compilation timestamp:
10/4/2012 1:24:25 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:hRVSLl1fH0oPQR5AV/mVyYJ4V5NThEzZ0NSj9Ms5GH8dkIaSd:hDSHP0oowV/AJ4VfThUaNy+s8h4d

Entry address:
0x21871

Entry point:
E8, 0A, 72, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, 83, 65, FC, 00, 56, 8B, 75, 08, 85, F6, 75, 16, E8, 50, 11, 00, 00, 6A, 16, 5E, 89, 30, E8, E3, 45, 00, 00, 8B, C6, E9, 0C, 02, 00, 00, 6A, 24, 68, FF, 00, 00, 00, 56, E8, 2E, E8, FF, FF, 8B, 45, 0C, 83, C4, 0C, 85, C0, 74, D3, 8B, 08, 8B, 40, 04, 89, 4D, F0, 89, 45, F4, 83, F8, FF, 7F, 16, 7C, 08, 81, F9, 40, 57, FF, FF, 73, 0C, E8, 09, 11, 00, 00, 6A, 16, 5E, 89, 30, EB, BC, 83, F8, 07, 7C, 0A, 7F, ED, 81, F9, CF, 26, 41, 93, 77, E5...
 
[+]

Entropy:
7.1960

Code size:
197.5 KB (202,240 bytes)

The file Setup.exe has been seen being distributed by the following URL.

http://download.aeriagames.com/files/games/de/tribesascend/.../tribesascend_de_downloader.exe

Scan Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.