» setup.exe
Overview
Analysis
File Details
Downloads (10)

setup.exe

Tally Update

Tally Solutions Private Limited

This is a self-extracting archive and installer. The file has been seen being downloaded from mirror.tallysolutions.com and multiple other hosts.

File name:

setup.exe

Publisher:

Tally Solutions Pvt. Ltd. (signed by Tally Solutions Private Limited)

Product:

Tally Update

Description:

Tally Update Setup

Version:

1.0.1.0

MD5:

ba168925662cd5d388641f81ddd06c16

SHA-1:

fa11608cde6bdd1b0a34bb8921fbb063207309a4

SHA-256:

5f21d78f4c4343d91389ce35dfabe8a34781104b2f8b40f9873b9b39f4c0fe01

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/25/2024 3:41:24 AM UTC (today)

File size:

59.9 MB (62,799,648 bytes)

Product version:

1.0.1.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\setup.exe

Digital Signature

Signed by:

Tally Solutions Private Limited

Authority:

Symantec Corporation

Valid from:

2/18/2016 5:30:00 AM

Valid to:

3/20/2019 5:29:59 AM

Subject:

CN=Tally Solutions Private Limited, OU=RnD, O=Tally Solutions Private Limited, L=Bangalore, S=Karnataka, C=IN

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

4F966789BA4CE00242D910B210FAE6F4

File PE Metadata

Compilation timestamp:

5/14/2016 7:26:10 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1572864:TOCdoZ5TkCR089qNdieqTK5uxwZErw0B1/h4wgCoYT:i8oLeKyieqHxQx0h4LE

Entry address:

0x2BE90

Entry point:

B8, 00, A2, 27, 04, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 15, 5D, 49, B3, 92, 4B, 38, 08, E6, 5E, 61, 61, 2C, 21, CA, 5C, 7D, 81, 3D, 00, E8, FE, E6, A9, 50, CE, AF, B8, 96, D7, 76, F6, 9A, F8, E7, 93, 21, 2D, 2F, 4F, A0, 7C, C1, 20, 8B, 08, 9E, 69, C5, 86, 34, 9D, 15, 95, 92, 4D, B5, 57, E3, B1, 05, 80, 74, 5A, 31, 51, A0, 87, 80, 32, 65, 13, B5, 98, 6B, 8D, A5, 25, E9, AA, B0, C7, 3C, 7E, F1, CE, 41, 23, C4, 96, DD, F4, 42... 
[+]

Entropy:

8.0000

Packer / compiler:

PECompact v2

Code size:

1.2 MB (1,266,688 bytes)

The file setup.exe has been seen being distributed by the following 10 URLs.

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Offline Installer&strFileID=242&strRemoteIP=103.207.52.9

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Sample remarks&strFileID=242

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5_GOLD/TE9/.../&strRemarks=Sample remarks&strFileID=21

https://www.google.com/url?hl=en&q=http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Sample remarks&strFileID=242&source=gmail&ust=1465009537793000&usg=AFQjCNEiOl8qVjIHVbyv-40S9bMfUXDBQQ

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Offline Installer&strFileID=242&strRemoteIP=49.206.211.228

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=242&strRemarks=Offline Installer

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=244&strRemarks=Sample remarks

http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Sample remarks&strFileID=242&strRemoteIP=37.105.62.55

https://www.google.com/url?hl=en&q=http://mirror.tallysolutions.com/CXDownloadManagerStreamFile.php?strFileName=setup.exe&strFileLocation=R5.3.7_Gold/.../&strRemarks=Sample remarks&strFileID=242&source=gmail&ust=1463739209518000&usg=AFQjCNH4gSHgLb1CO8aKrIRfS39W_TruXw

http://www.tallysolutions.com/tallyweb/modules/admin/.../CDownloadManagerWIC.php?&strEventID=5&strFileID=242&strRemarks=Sample remarks

Scan setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.