home

setup.exe

This is a setup and installation application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from get.file2desktop.com and multiple other hosts.
MD5:
7b396dd3e56b4a481cbdd4f5d0b30560

SHA-1:
ba2a9b4d279f69eecf45bf5d727e02bac4b88d31

SHA-256:
8308bd793e4c7657bf7afef1ea8ca8ccbb9424a841aa356f57568e55b4e60778

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 6:35:40 PM UTC  (today)

File size:
21.5 KB (22,016 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\electronic arts\need for speed carbon\setup.exe

File PE Metadata
Compilation timestamp:
7/6/2006 6:41:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
7.10

CTPH (ssdeep):
384:wOMtYcLo3FjnA0iVEARybgS1CxJ8ILvHGlFXgvY1NvJml:wOMqFhnAZyx0S1Cn8ITUlGOsl

Entry address:
0x109A

Entry point:
6A, 18, 68, F8, 50, 40, 00, E8, 0E, 0D, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 5E, 0E, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 0C, 50, 40, 00, 8B, 4E, 10, 89, 0D, D8, 72, 40, 00, 8B, 46, 04, A3, E4, 72, 40, 00, 8B, 56, 08, 89, 15, E8, 72, 40, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, DC, 72, 40, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, DC, 72, 40, 00, C1, E0, 08, 03, C2, A3, E0, 72, 40, 00, 33, FF, 57, FF, 15, 04, 50, 40, 00, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03, C8, 81...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
15 KB (15,360 bytes)

Scheduled Task
Task name:
{129E4B10-4AF2-4E10-979D-8C34918F3B9F}

Trigger:
Registration (Runs on registration)


The file setup.exe has been discovered within the following programs.

DiRT2  by Codemasters
Publisher's description - “DiRT 2 will take players on a World Tour to compete in aggressive multi-car and intense solo race events in the most diverse and challenging real-world environments. Career paths will span the globe.”
www.codemasters.com
3% remove it
Medal of Honor 2010  by BaRaN
www.BaRaN.com
About 1% of users remove it
MEGAsync  by Mega Limited
www.mega.co.nz
About 2% of users remove it
Need for Speed - Carbon  by R.G. Mechanics, markfiter
tapochek.net
About 4% of users remove it
Need for Speed - Undercover  by R.G. Mechanics, markfiter
About 9% of users remove it
Need For Speed Under Cover  by New Tech
www.Newtech.ws
About 2% of users remove it
Need for Speed Undercover  by SCC-TDS
www.scc-tds.com
About 1% of users remove it
Need for Speed: Carbon  by IgroMir
About 6% of users remove it
Need for Speed™ Undercover  by Electronic Arts
Need for Speed: Undercover is the 12th installment of the popular racing video game series Need for Speed, developed by EA Black Box and published by Electronic Arts (EA). Undercover features a new open world map.
www.ea.com
3% remove it
Project64 1.6  by Project64
Publisher's description - “Project64 is a Nintendo 64 emulator for Windows by Zilmar, Jabo, Tooie and Witten. Project64 or PJ64 dates back to its first public release Project64 v1.0 in May 26th 2001. Project64 is an emulator designed to emulate a Nintendo64 video game system on a Microsoft Windows based PC.”
www.pj64.net
About 7% of users remove it
 
Latest 20 of 12 programs
Powered by Should I Remove It?

The file setup.exe has been seen being distributed by the following 10 URLs.

http://get.file2desktop.com/.../Get?p=5492&d=19036&l=6303&n=1&productname=Setup.exe&d1=NUMBER&d2=NUMBER&d3=NUMBER&d4=NUMBER&d5=NUMBER&filename=Setup&clickid=w5Q9DHGQAM8UT80EG04HCI72

http://www.mycashbar.com/.../setup.exe

http://www.official-drivers.com/setup.exe

http://az801920.vo.msecnd.net/.../Setup.exe

http://k9pcfixer.com/downloadip_allcs_dcom.asp?utm_source=dcomnew_mpu&utm_campaign=dcomnew_mpu

http://s6039.chomikuj.pl/File.aspx?e=LR46Mgj93H4AZwrdG010LOcsw2mbJiAn42JZkORyQPWpQt6ka48wf-MrkOwbfydlm_4IQLdUcGz6qMpJumTZvM0gF7Ehv1RlCmeq7Fl6wp6j2tNH0BM1ieqHmP0CcCQD&pv=2

http://file.imetin.pl/Setup.exe

http://j-fitness-may.holographicmobile.net:8080/redict/.../redict.php?kw2=lp2&kw1=j-starwars5-us32&c=us

http://www.fraps.com/.../setup.exe

http://www.supertuneup.com/downloadip_allcs.asp?utm_source=nes79_sec&utm_campaign=nes79_sec

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.