home

Setup.exe

The file Setup.exe has been detected as malware by 2 anti-virus scanners. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from www.idownloadsnow.com and multiple other hosts.
MD5:
ad402d96e06e699fef6e2929626b4aff

SHA-1:
99c1beb19a5f1192f6b4e5bd2ffeb3018b9b9ca7

SHA-256:
59f721b31b42a37467fdb368ead906b22251dbbb3807531a5ea12a92210ba64e

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
11/15/2024 9:23:05 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
(M)
16.6.18.10

Trend Micro House Call
Suspicious_GEN.F47V0302
7.2.183

File size:
1.2 KB (1,183 bytes)

Common path:
C:\users\{user}\downloads\setup.exe

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6:idquvVg3F+X326e8peaPSQ83Jeb+d5ZAV6LWuEyV+TrXL8tTMfibFv/EluKBxEag:e1GSG6e8psMSdwwWtTvIMfURmF7Ehj

Entry address:
0x323C

Entropy:
3.0775

Code size:
23 KB (23,552 bytes)

The file Setup.exe has been seen being distributed by the following 2 URLs.

http://www.idownloadsnow.com/.../dlsecureTb_1.0.4.1.exe

http://www.usearchmedia.com/.../dlsecureTb_1.0.4.1.exe

Remove Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.