home

Setup.exe

National Instruments Corporation

This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from ftp.ni.com and multiple other hosts.
Publisher:
National Instruments Corporation  (signed and verified)

MD5:
1955a4f3b2fa19724b55d99dfc778d4e

SHA-1:
d6d279fbe7f750376aa0781a80083378e5216c2d

SHA-256:
ea9208cd13c533e91e071842c94c010c48bc25457ca01d445fbb57f9bc3ffd0d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 11:50:17 PM UTC  (a few moments ago)

File size:
1.7 GB (1,810,502,464 bytes)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
National Instruments Corporation

Authority:
VeriSign, Inc.

Valid from:
3/26/2013 8:00:00 PM

Valid to:
6/25/2016 7:59:59 PM

Subject:
CN=National Instruments Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=National Instruments Corporation, L=Austin, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1E7FE10352FD672BDFDF21E6913B9410

File PE Metadata
Compilation timestamp:
11/2/2009 3:23:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
50331648:84v+L+xeIMtQzfc9DxsxeEMbYBIB4Vmb+w61V:tvduEfclxsxeEMbWi4sb+h

Entry address:
0xA79E

Entry point:
E8, 6E, 4A, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 20, 3C, 42, 00, 89, 0D, 1C, 3C, 42, 00, 89, 15, 18, 3C, 42, 00, 89, 1D, 14, 3C, 42, 00, 89, 35, 10, 3C, 42, 00, 89, 3D, 0C, 3C, 42, 00, 66, 8C, 15, 38, 3C, 42, 00, 66, 8C, 0D, 2C, 3C, 42, 00, 66, 8C, 1D, 08, 3C, 42, 00, 66, 8C, 05, 04, 3C, 42, 00, 66, 8C, 25, 00, 3C, 42, 00, 66, 8C, 2D, FC, 3B, 42, 00, 9C, 8F, 05, 30, 3C, 42, 00, 8B, 45, 00, A3, 24, 3C, 42, 00, 8B, 45, 04, A3, 28, 3C, 42, 00, 8D, 45, 08, A3, 34, 3C, 42, 00, 8B...
 
[+]

Entropy:
7.9992  (probably packed)

Code size:
72 KB (73,728 bytes)

The file Setup.exe has been seen being distributed by the following 2 URLs.

http://ftp.ni.com/support/softlib/multifunction_daq/nielvis/.../NIELVIS1500.exe

https://canopy.uc.edu/bbcswebdav/.../xid-36361826_1

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.