home

setup.exe

Super Download Media

The application setup.exe by Super Download Media has been detected as a potentially unwanted program by 8 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Super Download Media  (signed and verified)

Product:
Super Download Media

Version:
4.8.7.3330

MD5:
6c22906ce9c38c8e057a36763f28e83e

SHA-1:
f42352812c6bffc100d4508a8d31467a682b1917

SHA-256:
8c9a8339d3c6c3a58ddb92c8036eb9486ddf801d79b7d1d6046171234ab698e6

Scanner detections:
8 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications using the Vittalia monitization installer.

Analysis date:
12/28/2024 5:15:15 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.Vittalia.958
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.DownloadAdmin
10.0.0.5366

ESET NOD32
Win32/DownloadAdmin.P potentially unwanted application
7.0.302.0

F-Secure
Riskware.Gen:Variant.Application.Bundler
5.15.21

Microsoft Security Essentials
Threat.Undefined
1.213.2111.0

Norman
Gen:Variant.Application.Bundler.DownloadAdmin.4
05.01.2016 09:44:05

Reason Heuristics
PUP.DownloadAdmin (M)
16.1.15.12

VIPRE Antivirus
Threat.4150696
46260

File size:
883.8 KB (905,056 bytes)

Product version:
4.8.7.3330

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
Super Download Media

Authority:
VeriSign, Inc.

Valid from:
10/27/2015 7:00:00 PM

Valid to:
10/27/2016 6:59:59 PM

Subject:
CN=Super Download Media, O=Super Download Media, L=oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
539371EF08EBEEE27231F295906A4B51

File PE Metadata
Compilation timestamp:
11/25/2014 12:52:53 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:uIfWCyIvqyFUxigjxKPx7OUinhjIGB9aiUaMU/DmuqNZw3Z6gRNa3bkm:uI93l8igjxKPx76hcGBU1VeDUu4ia34m

Entry address:
0x4428

Entry point:
E8, F3, 90, 00, 00, E9, F1, 89, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 83, EC, 20, B9, 1E, 00, 00, 00, 8D, 04, 24, EB, 03, 8D, 49, 00, C6, 00, 00, 40, 83, E9, 01, 75, F7, 53, 55, 8B, 6C, 24, 2C, 56, 8B, C5, 57, 8D, 50, 01, 8A, 08, 40, 84, C9, 75, F9, 2B, C2, 8B, F8, 8D, 5F, 02, 53, FF, 15, 00, F2, 40, 00, 83, C4, 04, 53, 8B, F0, 55, 56, FF, 15, 58, F0, 40, 00, C6, 04, 3E, 00, C6, 44, 3E, 01, 00, 8D, 4C, 24, 10, B8, 14, 04, 00, 00, 51, 89, 74, 24, 1C, C7, 44, 24, 18, 03, 00, 00, 00...
 
[+]

Entropy:
7.9642  (probably packed)

Code size:
53.5 KB (54,784 bytes)

Remove setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.