setup.exe

Single Drip Interactive

The application setup.exe by Single Drip Interactive has been detected as a potentially unwanted program by 23 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from files4.downloadnet1184.com.
Publisher:
Precise Modern System Installer  (signed by Single Drip Interactive)

Product:
Precise Modern System Installer

Version:
44.8.7.8361

MD5:
4ddfac855ee7d9fd9a682cb3fcda463a

SHA-1:
8c4823228f10533a28a99f71f64b45251d6fa79d

SHA-256:
a57d9ef7ad9030942a6826b8acb7080bcf6afb6ea3a2ab700be3aef13739fb98

Scanner detections:
23 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications, using the Vittalia monetization installer.

Analysis date:
12/27/2024 6:39:37 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Application.Bundler.DownloadAdmin.2 | 395 |
| AhnLab V3 Security | PUP/Win32.DownloadAdmin | 2015.10.27 |
| avast! | Win32:DownloadAdmin-AR [PUP] | 2014.9-160105 |
| AVG | Generic | 2017.0.2873 |
| Bitdefender | Gen:Variant.Application.Bundler.DownloadAdmin.2 | 1.0.20.25 |
| Bkav FE | W32.HfsAdware | 1.3.0.7383 |
| Dr.Web | Trojan.Vittalia.388 | 9.0.1.05 |
| ESET NOD32 | Win32/DownloadAdmin.N potentially unwanted (variant) | 10.12469 |
| Fortinet FortiGate | Riskware/DownloadAdmin | 1/5/2016 |
| F-Prot | W32/DownloAdmin.B.gen | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Application.Bundler | 11.2016-05-01_3 |
| G Data | Gen:Variant.Application.Bundler.DownloadAdmin | 16.1.25 |
| IKARUS anti.virus | PUA.DownloadAdmin | t3scan.1.9.5.0 |
| McAfee | DownloadAdmin | 5600.6529 |
| MicroWorld eScan | Gen:Variant.Application.Bundler.DownloadAdmin.2 | 17.0.0.15 |
| NANO AntiVirus | Trojan.Win32.DownloAdmin.dwvurm | 0.30.26.3947 |
| Panda Antivirus | Generic Suspicious | 16.01.05.01 |
| Qihoo 360 Security | HEUR/QVM11.1.Malware.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.DownloadAdmin.SingleDripInteractive.Installer (M) | 16.1.5.13 |
| Sophos | Download Admin (PUA) | 4.98 |
| Vba32 AntiVirus | SScope.Downware.DownloadAdmin | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 44838 |
| Zillya! Antivirus | Downloader.DownloAdmin.Win32.1540 | 2.0.0.2476 |

File size:
758.8 KB (777,048 bytes)

Product version:
44.8.7.8361

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/30/2015 7:00:00 PM

Valid to:
7/30/2016 6:59:59 PM

Subject:
CN=Single Drip Interactive, O=Single Drip Interactive, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4C47736865F1C72925FAF989997399AA

File PE Metadata
Compilation timestamp:
8/4/2014 1:47:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:R6dHwlStB1Jhc+CHdEEKSOeMp1w3dZY1myqW6GTb8xukulxU/tC09NZRF9c8pxvR:ottbJ49EEOJpYe1my16GHwuLU/LZRF95

Entry address:
0x1EFD70

Entry point:
60, BE, 00, 60, 53, 00, 8D, BE, 00, B0, EC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 

Entropy:
7.9217

Packer / compiler:
UPX 2.90LZMA

Code size:
744 KB (761,856 bytes)

The file setup.exe has been seen being distributed by the following URL.
