Setup.exe

Daanav App List

MS Daanav Softwares

The file Setup.exe, “Daanav Applications Installed Lister ” by MS Daanav Softwares has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser.
Publisher:
Daanav Softwares   (signed by MS Daanav Softwares)

Product:
Daanav App List

Description:
Daanav Applications Installed Lister

Version:
1.0

MD5:
9f706b62efd633cfd63e9483753e0c02

SHA-1:
d84485029189f86933cddbca383efa5c296face1

SHA-256:
aab69b117f84ee4da4b40f46afe806e19a1676d2fd0170b7eb778664bb4d7cd7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/16/2024 7:47:24 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.CSH (L)
17.2.3.21

File size:
307.1 KB (314,464 bytes)

Product version:
1.0

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
Starfield Technologies, Inc.

Valid from:
11/27/2012 9:19:57 AM

Valid to:
11/27/2013 9:19:57 AM

Subject:
CN=MS Daanav Softwares, O=MS Daanav Softwares, L=Panaji, S=Goa, C=IN

Issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
048630AA04E1CE

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
[+]

Entropy:
7.8913

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

Remove Setup.exe - Powered by Reason Core Security