Setup.exe

ODM

InstallerTech Corp

The file Setup.exe, “Open Downloader Manager” by InstallerTech Corp, has been detected as adware by 2 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This downloadable file is typically blocked by Google's Safe Browsing technology in the Chrome web browser. The file has been seen being downloaded from opendownloadmanager.com.
Publisher:
InstallerTech Corp  (signed and verified)

Product:
ODM

Description:
Open Downloader Manager

Version:
3.0.0.0

MD5:
373257a0bbe01037f432f86dfc6e7296

SHA-1:
f8597959fb0e6650c3b614542d0a7fbc58338a06

SHA-256:
46094d1bb8ee3eb451ab5cff9d1eafaf60886a88cb679cbe1ec5f736b3feeca0

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
1/12/2025 2:16:25 PM UTC

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallerTechCorp
15.2.7.20

Rising Antivirus
NS:PUF.SilenceInstaller!1.9DDF
23.00.65.15205

File size:
424.2 KB (434,368 bytes)

Copyright:
(c) InstallerTech Corp. 2015

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/18/2014 5:00:00 PM

Valid to:
6/19/2015 4:59:59 PM

Subject:
CN=InstallerTech Corp, O=InstallerTech Corp, STREET=407 Lincoln Road, STREET=Suite 502, L=Miami Beach, S=FL, PostalCode=33139, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A50353866E7DB3C6A8DA105AAE14C4A4

File PE Metadata
Compilation timestamp:
12/5/2009 2:50:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:XyJfQRu+TjmNp8FGO8j3flXQNjAFOgz6i:iJINTjmWGHzfZQqO2

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
Entropy:
7.8989

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file Setup.exe has been seen being distributed from the following URL.

http://opendownloadmanager.com/startsetup.php