setup.exe

Software setup application

NTONYX Ltd.

This is a self-extracting archive and installer. The file has been seen being downloaded from www.levelupgames.com.br.
Publisher:
Eugene V. Muzychenko  (signed by NTONYX Ltd.)

Product:
Software setup application

Version:
1.6.3.448

MD5:
cc229b52771738b504ec165f040f7207

SHA-1:
ed3e6db0373b407d4d156c565aba44745c050ad0

SHA-256:
ea559378458caeb36235689e6e22ecc99a033dee3cf84f47830d28dd166e00d8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/26/2024 5:52:07 AM UTC  (today)

File size:
63.4 KB (64,904 bytes)

Product version:
1.6.3.448

Copyright:
Copyright (C) 2002-2012 Eugene V. Muzychenko

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
12/30/2011 4:00:00 AM

Valid to:
1/9/2013 3:59:59 AM

Subject:
CN=NTONYX Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NTONYX Ltd., L="Novosibirsk ", S=Novosibirsk region, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
08E82AB1891AE793B013B3EE5D4DFD35

File PE Metadata
Compilation timestamp:
3/2/2012 11:54:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:p0RB3TunByE6AOQqu3aKwLQa6taHQCBo7v:p0veBy2ZqXhLQa6taHV0

Entry address:
0xC490

Entry point:
8B, FF, 56, FF, 15, 48, 11, 00, 01, 8B, F0, 80, 3E, 22, B0, 20, 75, 03, B0, 22, 46, 0F, BE, C0, 50, 56, E8, 41, FE, FF, FF, 83, C4, 08, 85, C0, 74, 0C, 8D, 48, 01, E8, 92, 02, 00, 00, 8B, F0, EB, 09, 56, FF, 15, AC, 10, 00, 01, 03, F0, 8B, CE, E8, 1B, A7, FF, FF, 50, FF, 15, 4C, 11, 00, 01, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 8B, 4D, 08, A1, BC, E2, 00, 01, 89, 0D, BC, E2, 00, 01, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8D, 9B, 00, 00, 00, 00...
 
[+]

Code size:
49.5 KB (50,688 bytes)

The file setup.exe has been seen being distributed by the following URL.

Scan setup.exe - Powered by Reason Core Security