home

Setup.exe

ODM

DisplayTime Software Inc.

The file Setup.exe, “Open Downloader Manager” by DisplayTime Software has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Nullsoft Scriptable Install System installer. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser.
Publisher:
InstallerTech Corp  (signed by DisplayTime Software Inc.)

Product:
ODM

Description:
Open Downloader Manager

Version:
3.0.0.0

MD5:
ee19d21581e07c0479e3edb9ca20c90c

SHA-1:
b9f7da038cea5ef0444fb66b6b9de0843d42f1fb

SHA-256:
f7c53c934f5dabb2656dcf455cff563e68676ca35fb9e1ad6a1a5ea60d7474c5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 5:48:59 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Installer (M)
16.10.3.5

File size:
447.5 KB (458,272 bytes)

Copyright:
(c) InstallerTech Corp. 2015

Installer:
Nullsoft Scriptable Install System

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
DisplayTime Software Inc.

Authority:
Symantec Corporation

Valid from:
3/28/2015 7:00:00 PM

Valid to:
3/28/2016 6:59:59 PM

Subject:
CN=DisplayTime Software Inc., O=DisplayTime Software Inc., L=Dover, S=Delaware, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
228497A322D9856469F6265504405920

File PE Metadata
Compilation timestamp:
12/5/2009 4:50:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:DZTCOykx3PEo1twMaJ9s+3FO8j3flXQNjAX:DdJbxcok9saHzfZQG

Entry address:
0x30CB

Entry point:
A2, B2, AF, 51, 61, 2E, E3, AA, E1, 7E, 0D, 93, A6, 52, EA, B8, 02, A6, C4, 92, D9, D9, E4, BF, 04, 37, 6B, 08, 42, 9A, 94, 4F, 1A, AA, 76, A3, B3, F5, D7, CD, FB, 27, C6, 6F, AC, 35, E4, E2, 24, 86, 2A, 2F, A2, B7, 35, F8, 3B, A0, 99, B5, F1, C4, 85, EF, D5, 36, D8, D6, 33, 96, 95, CF, 83, F6, 23, 42, E8, D9, 5C, 8E, 46, D9, AC, 42, 7D, 4E, 9C, 62, 8B, 59, 7C, D4, 28, 89, 8F, EA, 13, C4, F5, 18, 70, 33, 5B, 05, 81, AD, F1, BB, 72, D3, FC, A9, EF, A3, 5D, 0B, C2, A6, 4A, E4, 9F, 57, E2, FD, AB, 21, 4B, DF...
 
[+]

Entropy:
7.9148  (probably packed)

Code size:
22.5 KB (23,040 bytes)

Remove Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.