» setup.exe
Overview
Analysis
File Details
Downloads (1)

setup.exe

Single Drip Interactive

The application setup.exe by Single Drip Interactive has been detected as a potentially unwanted program by 23 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from files4.downloadnet1184.com.

File name:

setup.exe

Publisher:

Precise Modern System Installer (signed by Single Drip Interactive)

Product:

Precise Modern System Installer

Version:

44.8.7.8361

MD5:

4ddfac855ee7d9fd9a682cb3fcda463a

SHA-1:

8c4823228f10533a28a99f71f64b45251d6fa79d

SHA-256:

a57d9ef7ad9030942a6826b8acb7080bcf6afb6ea3a2ab700be3aef13739fb98

Scanner detections:

23 / 68

Status:

Potentially unwanted

Explanation:

Bundles additional software, mostly toolbars and other potentially unwanted applications using the Vittalia monitization installer.

Analysis date:

11/15/2024 4:38:10 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.DownloadAdmin.2

395

AhnLab V3 Security

PUP/Win32.DownloadAdmin

2015.10.27

avast!

Win32:DownloadAdmin-AR [PUP]

2014.9-160105

AVG

Generic

2017.0.2873

Bitdefender

Gen:Variant.Application.Bundler.DownloadAdmin.2

1.0.20.25

Bkav FE

W32.HfsAdware

1.3.0.7383

Dr.Web

Trojan.Vittalia.388

9.0.1.05

ESET NOD32

Win32/DownloadAdmin.N potentially unwanted (variant)

10.12469

Fortinet FortiGate

Riskware/DownloadAdmin

1/5/2016

F-Prot

W32/DownloAdmin.B.gen

v6.4.7.1.166

F-Secure

Gen:Variant.Application.Bundler

11.2016-05-01_3

G Data

Gen:Variant.Application.Bundler.DownloadAdmin

16.1.25

IKARUS anti.virus

PUA.DownloadAdmin

t3scan.1.9.5.0

McAfee

DownloadAdmin

5600.6529

MicroWorld eScan

Gen:Variant.Application.Bundler.DownloadAdmin.2

17.0.0.15

NANO AntiVirus

Trojan.Win32.DownloAdmin.dwvurm

0.30.26.3947

Panda Antivirus

Generic Suspicious

16.01.05.01

Qihoo 360 Security

HEUR/QVM11.1.Malware.Gen

1.0.0.1015

Reason Heuristics

PUP.DownloadAdmin.SingleDripInteractive.Installer (M)

16.1.5.13

Sophos

Download Admin (PUA)

4.98

Vba32 AntiVirus

SScope.Downware.DownloadAdmin

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

44838

Zillya! Antivirus

Downloader.DownloAdmin.Win32.1540

2.0.0.2476

File size:

758.8 KB (777,048 bytes)

Product version:

44.8.7.8361

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\setup.exe

Digital Signature

Signed by:

Single Drip Interactive

Authority:

VeriSign, Inc.

Valid from:

7/30/2015 7:00:00 PM

Valid to:

7/30/2016 6:59:59 PM

Subject:

CN=Single Drip Interactive, O=Single Drip Interactive, L=San Francisco, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4C47736865F1C72925FAF989997399AA

File PE Metadata

Compilation timestamp:

8/4/2014 1:47:13 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:R6dHwlStB1Jhc+CHdEEKSOeMp1w3dZY1myqW6GTb8xukulxU/tC09NZRF9c8pxvR:ottbJ49EEOJpYe1my16GHwuLU/LZRF95

Entry address:

0x1EFD70

Entry point:

60, BE, 00, 60, 53, 00, 8D, BE, 00, B0, EC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89... 
[+]

Entropy:

7.9217

Packer / compiler:

UPX 2.90LZMA

Code size:

744 KB (761,856 bytes)

The file setup.exe has been seen being distributed by the following URL.

http://files4.downloadnet1184.com/download/.../dl?bc=1191729&pid=adknowledge&brand=adknowledge.com&aid=adk&s=adsupplymfusie&c=EMB02&country=US&osName=Windows&osVersion=7&browserName=IE&browserVersion=11&cb=1418725829&filename=setup.exe&productKey=ztqky3cqdiwfzjymhrrwtntskv6wos3c&zTmp=1&executable=1188405

Remove setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.