home

setup242.exe

MD5:
ed280a0ea3cc38f3cbbc747acfbef47d

SHA-1:
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc

SHA-256:
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 9:28:39 AM UTC  (today)

File size:
49 Bytes

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\temp\setup242.exe

File PE Metadata
OS version:
13256.71

OS bitness:
Win16

Linker version:
249.4

CTPH (ssdeep):
3:CUO/RD/wlHrfx/n:oD2/n

Entry address:
0x2000001

Entry point:
47, 49, 46, 38, 39, 61, 01, 00, 01, 00, 91, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, 00, 00, 00, 21, F9, 04, 01, 00, 00, 02, 00, 2C, 00, 00, 00, 00, 01, 00, 01, 00, 00, 02, 02, 54, 01, 00, 3B...
 
[+]

Entropy:
3.0022

Code size:
32 MB (33,554,433 bytes)

The file setup242.exe has been seen being distributed by the following 2 URLs.

http://ads.brand.net/1x1_anx.gif?uid=2524076490774115406

https://liteapps.mcafee.com/apps/mss/3.11/.../spacer.gif

Scan setup242.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.