home

Setup.exe

QUALCOMM Setup

QUALCOMM Incorporated

This is a self-extracting archive and installer. The file has been seen being downloaded from doc-08-50-docs.googleusercontent.com and multiple other hosts.
Publisher:
QUALCOMM, Inc.  (signed by QUALCOMM Incorporated)

Product:
QUALCOMM Setup

Version:
1.0.0.0

MD5:
6099dff4878f020abb85a520235941d5

SHA-1:
aa9956c9756a42abb2e35b6bbbb7cafe4efaa74c

SHA-256:
a8567a50adfb307cdc979a8627045d33b42c18350e50191f7052241e7bdafc8e

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/5/2024 11:48:03 AM UTC  (today)

Scan engine
Detection
Engine version

NANO AntiVirus
Trojan.Win32.Bredavi.sxcsl
0.26.0.55532

Trend Micro House Call
TROJ_GEN.F47V0530
7.2.363

Vba32 AntiVirus
Backdoor.Bredavi
3.12.24.3

File size:
8.1 MB (8,455,048 bytes)

Product version:
1.0.0.0

Copyright:
(c) QUALCOMM, Inc. All rights reserved.

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\qcom usb driver\setup.exe

Digital Signature
Signed by:
QUALCOMM Incorporated

Authority:
VeriSign, Inc.

Valid from:
9/6/2012 2:00:00 AM

Valid to:
9/7/2014 1:59:59 AM

Subject:
CN=QUALCOMM Incorporated, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=QCT, O=QUALCOMM Incorporated, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
680D11F6DEDE16FDAAEF845BD1741879

File PE Metadata
Compilation timestamp:
10/27/2012 1:33:23 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:E+tPHwBW3gYrtIXgWfJqOFdv5Wr/lDuvsivd7uA0yPi9x0rgG9Vba8cTfqVVoV94:E8HqXBf4JZKka7WyiCWLq0Ne

Entry address:
0xF8791

Entry point:
E8, B2, 6E, 00, 00, E9, 89, FE, FF, FF, 3B, 0D, D8, 46, 56, 00, 75, 02, F3, C3, E9, 39, 6F, 00, 00, 8B, 41, 04, 85, C0, 75, 05, B8, 6C, 29, 54, 00, C3, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 57, 8B, F9, 74, 2D, 56, FF, 75, 08, E8, 22, 18, 00, 00, 8D, 70, 01, 56, E8, 5D, 11, 00, 00, 59, 59, 89, 47, 04, 85, C0, 74, 11, FF, 75, 08, 56, 50, E8, FF, 6F, 00, 00, 83, C4, 0C, C6, 47, 08, 01, 5E, 5F, 5D, C2, 04, 00, 8B, FF, 56, 8B, F1, 80, 7E, 08, 00, 74, 09, FF, 76, 04, E8, BE, 11, 00, 00, 59, 83, 66, 04, 00, C6, 46...
 
[+]

Code size:
1.1 MB (1,159,680 bytes)

The file Setup.exe has been discovered within the following program.

andriod_usb_driver  by andriod
About 3% of users remove it
 
Powered by Should I Remove It?

The file Setup.exe has been seen being distributed by the following 9 URLs.

https://doc-08-50-docs.googleusercontent.com/docs/securesc/dh89rr2vvtnlt13mbutf7b0kspqpouka/825avpeke8kh64gtmcnuf9sp2hk8fdtu/1487700000000/09779884624966935521/.../0BxSHUEybMlBTNDk0UU52VmN6ems?e=download

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

https://doc-0g-0s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5b239mtam94tk8vk8ki6bmpem4k70302/1481565600000/09779884624966935521/.../0BxSHUEybMlBTNDk0UU52VmN6ems?e=download

https://docs.google.com/uc?authuser=0&id=0B51aICVxW9-eOV9BVXdCVVNWNGM&export=download

https://docs.google.com/uc?id=0B51aICVxW9-eOV9BVXdCVVNWNGM&export=download

https://doc-0o-a4-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4mrl4hrhpr0f0joiaus8lger8f9sd92l/1476338400000/11422141654495643516/.../0B51aICVxW9-eOV9BVXdCVVNWNGM?e=download

https://mega.nz/temporary/.../dcJ1lTjC

http://dc372.4shared.com/download/.../QDLoader_HS-USB_Driver_32bit_S.exe

chrome-extension://bigefpfhnfcobdlfbedofhhaibnlghod/persistent/.../dcJ1lTjC

Scan Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.