Setup.exe

ODM

DisplayTime Software Inc.

The file Setup.exe, “Open Downloader Manager” by DisplayTime Software, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Nullsoft Scriptable Install System installer. This downloadable file is typically blocked by Google's Safe Browsing technology in the Chrome web browser.
Publisher:
InstallerTech Corp  (signed by DisplayTime Software Inc.)

Product:
ODM

Description:
Open Downloader Manager

Version:
3.0.0.0

MD5:
1a788539a18dbca0d948b2b07c6e6a5c

SHA-1:
c0d296048f90a3f5150857ebcd3b53aedfed0379

SHA-256:
5584e92f0d9e4d7bbed20b23bf78e03fddabae7396de588132a6db752d0e0618

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 5:33:01 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Installer (M)

Engine version:
16.11.1.10

File size:
447.5 KB (458,272 bytes)

Copyright:
(c) InstallerTech Corp. 2015

Installer:
Nullsoft Scriptable Install System

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
3/28/2015 7:00:00 PM

Valid to:
3/28/2016 6:59:59 PM

Subject:
CN=DisplayTime Software Inc., O=DisplayTime Software Inc., L=Dover, S=Delaware, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
228497A322D9856469F6265504405920

File PE Metadata
Compilation timestamp:
12/5/2009 4:50:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:2BTCOykx3PEo1twMaJ9s+3+O8j3flXQNjAX:eJbxcok9sBHzfZQG

Entry address:
0x30CB

Entry point:
00, 37, E9, D9, 00, 37, EF, EF, 00, 37, F4, 2F, 00, 37, F9, 71, 00, 38, 0B, 47, 00, 38, 0E, E8, 00, 38, 14, 2E, 00, 38, 17, 43, 00, 38, 2C, 84, 00, 38, 2F, C3, 00, 38, 35, 87, 00, 38, 38, BC, 00, 38, 4A, E7, 00, 38, 4D, C9, 00, 38, 51, 38, 00, 38, 55, CF, 00, 38, 66, 19, 00, 38, 6A, E4, 00, 38, 6E, 9E, 00, 38, 73, 63, 00, 38, 82, 44, 00, 38, 85, BF, 00, 38, 8A, BD, 00, 38, 8D, BD, 00, 38, 9B, AE, 00, 38, 9E, 2E, 00, 38, A1, FC, 00, 38, A4, C7, 00, 38, B6, F9, 00, 38, BA, 04, 00, 38, BD, B3, 00, 38, C2, FF...

Entropy:
7.9095  (probably packed)

Code size:
22.5 KB (23,040 bytes)
