» setup.exe
Overview
Analysis
File Details
Programs (4)
Downloads (8)

setup.exe

InstallShield

InstallShield Software Corporation

File name:

setup.exe

Publisher:

InstallShield Software Corporation

Product:

InstallShield®

Description:

32-bit Setup Launcher

Version:

5, 50, 137, 0

MD5:

1e013f8d89f59ce39c7fa9bc8bd3a166

SHA-1:

bdbcbd779bc62d6729fcc72b2966a45ab674099c

SHA-256:

a6d2f8b9173fd43f03aabff0b8cc3fadbd0b15224bcbe5f562a32158a297b502

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/15/2024 2:19:26 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.Clodee5.Trojan

1.3.0.4613

File size:

70 KB (71,680 bytes)

Product version:

5, 50

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\visual\disk1\setup.exe

File PE Metadata

Compilation timestamp:

10/2/1998 7:04:31 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.10

CTPH (ssdeep):

1536:1Gc7yxnco3lRn+efytGTVCSLjmbWmAfgdwO3VgneF:1GgGnb3lR5ytGZCS6xA4aYgeF

Entry address:

0x7BF0

Entry point:

55, 8B, EC, 6A, FF, 68, B0, D2, 40, 00, 68, C8, 9C, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, C4, A8, 53, 56, 57, 89, 65, E8, FF, 15, 8C, D1, 40, 00, 33, D2, 8A, D4, 89, 15, B0, 2B, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, AC, 2B, 41, 00, C1, E1, 08, 03, CA, 89, 0D, A8, 2B, 41, 00, C1, E8, 10, A3, A4, 2B, 41, 00, E8, 44, 1F, 00, 00, 85, C0, 75, 0A, 6A, 1C, E8, 69, 01, 00, 00, 83, C4, 04, C7, 45, FC, 00, 00, 00, 00, E8, 2A, 1D, 00, 00, E8, 15, 1D, 00, 00, FF, 15, 90, D1, 40... 
[+]

Entropy:

5.8411

Developed / compiled with:

Microsoft Visual C++

Code size:

46.5 KB (47,616 bytes)

The file setup.exe has been discovered within the following programs.

e-Sword by Rick Meyers

e-Sword is a Bible study computer software package created by Rick Meyers and developed for Microsoft Windows. The user interface is available in twenty seven different languages. Resources are available in over eighty languages.

www.e-sword.net

6% remove it

Heatmiser PCLink Lite by Heatmiser

www.heatmiser.co.uk

About 8% of users remove it

Master of Orion II by GamersGate

Master of Orion II is a video game distributed on the GamersGate game store which uses a micros-download client.

www.gamersgate.com

About 3% of users remove it

Roxio PhotoSuite 5 by Roxio

www.roxio.com

12% remove it

The file setup.exe has been seen being distributed by the following 8 URLs.

https://doc-0g-80-docs.googleusercontent.com/docs/securesc/f8j4hijnfofcg8mvnor90c94po572afd/i2jp180pdq1s5gkgalq9fim1qvcjd9gu/1478160000000/07192142725727824997/.../0BzSKdW20Y-_PRFZYUVlVYjZxWVE?e=download

http://sa.dll-overhaul.com/.../1470.exe

http://www.k9pcfixer.com/downloadip_allcs_dcom.asp?utm_source=p9stnsec&utm_campaign=p9stnsec_glo7

http://get.default-page.com/.../Get?p=3022&d=3509&l=1694&n=0&d1=1&clickid=ZkdXVpZD00Mjc3M2ZiZC0xOGQ1LTRmZjQtYTcxOC05MDEzNTBiODBkYjY

ftp://ftp.saude.gov/SOFTWARE_SUPORTE/N?O HOMOLOGADOS/EDITOR DE IMAGEM/.../Setup.exe

ftp://10.162.10.22/FTP/Estacion 264/.../Setup.exe

http://storagenl.info/.../?installer_file_name=setup

http://higheredbcs.wiley.com/legacy/college/moran/0470495901/.../Setup.exe

Scan setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.