home

setup.exe

The application setup.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from files.airdwnlas.com.
MD5:
425d1019aa5512f8826230784eff2bf0

SHA-1:
bdd10e86921e8f04fea67b91a3975604c26c7eba

SHA-256:
b58f4667fc631287b736802482a0e18e35308ad9113534d5c483626ae2837e11

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 3:16:21 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Adware-BZI [PUP]
160708-3

Emsisoft Anti-Malware
Gen:Variant.Adware.Kazy.519742
16.07.16

Norman
Gen:Variant.Adware.Kazy.519742
19.05.2016 01:04:49

Reason Heuristics
Adware.Generic.AT (M)
16.7.16.13

File size:
906 KB (927,716 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup.exe

File PE Metadata
Compilation timestamp:
8/22/2014 3:57:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:2C70G5segfPAIvosCHWiCxGRp2k+KQsM6/:2C7INgI8/sGNQsMG

Entry address:
0x29F2B0

Entry point:
00, 00, 01, 00, 09, 04, 00, 00, 70, 02, 00, 00, EC, 19, 2A, 00, 34, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 09, 04, 00, 00, 98, 02, 00, 00, 24, 1B, 2A, 00, 34, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 09, 04, 00, 00, C0, 02, 00, 00, 5C, 1C, 2A, 00, 34, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 09, 04, 00, 00...
 
[+]

Code size:
844 KB (864,256 bytes)

The file setup.exe has been seen being distributed by the following URL.

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3013514278.347935.1f0c119c0c.3914.8a92ccad826bdb9e343fd1f656486fb7

Remove setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.