setup.exe

成都共软网络科技有限公司

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from coolfiles.toget.com.tw.
Publisher:
共軟網絡   (signed by 成都共软网络科技有限公司)

Description:
Windows優化大師

Version:
7.78.7.1119

MD5:
cd68b2ba36b7d71d451ea3b061f35231

SHA-1:
91c71d3b42d8b29429e5963bb7d2404d50c197b9

SHA-256:
82d81d0402c62f2f820c6c3c310c58ae80500629f5241112f7d7509b90090f42

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 12:17:15 PM UTC  (today)

File size:
3.3 MB (3,435,128 bytes)

Copyright:
Copyright (C) 2000-2007 共軟網絡

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
WoSign, Inc.

Valid from:
11/19/2007 8:00:00 AM

Valid to:
11/19/2008 7:59:59 AM

Subject:
CN="Chengdu Gongruan Network Technology Co.,Ltd.", OU=Class 3 - for Microsoft Authenticode Signing, O=成都共软网络科技有限公司, L=成都市, S=四川省, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
5C7F260ADB880A7DBCE9A2ADB47241DE

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:foIMnDdFyqYw5MKoEcNzCInUIi9Jzoa/r8Wh:gvnBFDoEczCqUlfd

Entry address:
0x9A54

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 72, 96, FF, FF, E8, 79, A8, FF, FF, E8, A4, CA, FF, FF, E8, EB, CA, FF, FF, E8, 12, F3, FF, FF, E8, 79, F4, FF, FF, 33, C0, 55, 68, 02, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, CB, A0, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 06, FA, FF, FF, 8D, 55, F0, 33, C0, E8, B0, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 23, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9977

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36.5 KB (37,376 bytes)

The file setup.exe has been seen being distributed by the following URL.

Scan setup.exe - Powered by Reason Core Security