setup.exe

Setup Factory 8.0 Runtime

The program is a setup application that uses the Setup Factory installer. The file has been seen being downloaded from www.ncc.edu.pk.
Product:
Setup Factory 8.0 Runtime

Description:
Setup Application

Version:
8.1.1000.0

MD5:
0c5eba46ed872afb2a0eb474f543013c

SHA-1:
e335f98f35ed3f46fc7a566aae0c88c16fe77690

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 10:16:08 AM UTC

File size:
14.1 MB (14,740,406 bytes)

Product version:
8.1.1000.0

Copyright:
Setup Engine Copyright © 2004-2008 Indigo Rose Corporation

Trademarks:
Setup Factory is a trademark of Indigo Rose Corporation.

Original file name:
suf80_launch.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\setup.exe

File PE Metadata
Compilation timestamp:
7/31/2008 10:22:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:e7vtmFZkcFdHsWpcPetqwRG7YJRZ63Nckne:eLtmbks/cwpUNTne

Entry address:
0x2FB9

Entry point:
1B, C9, 4D, 8D, 2D, 1A, 33, 00, 86, 4A, 89, FB, 80, FA, 2D, 81, E1, 6F, D5, EA, C5, 89, D8, B7, 92, 3B, F7, 76, 09, 0A, FD, 08, C3, BF, 82, AD, 3D, 1E, 81, FD, B7, BB, 00, 00, 76, 03, 0F, B6, F2, 68, 02, 00, 00, 00, 21, CD, 05, 94, 86, 77, 06, 5A, C6, C1, 57, 81, C2, 6F, 05, 00, 00, 85, D5, 77, 08, 8D, 1D, B5, 3B, 84, 93, 86, FC, 77, 07, F6, C4, F5, 0F, AF, DA, F2, 80, FF, C9, F2, FF, C1, 81, EA, A7, FF, FF, FF, 25, 8F, 13, 24, 15, 09, F8, F3, 81, EA, 5A, 00, 00, 00, 88, E3, 0F, B7, FA, C6, C0, 91, F6, C0...
 
Entropy:
7.9985  (probably packed)

Code size:
28 KB (28,672 bytes)

The file setup.exe has been seen being distributed by the following URL.

Scan setup.exe - Powered by Reason Core Security