setup3.exe

Worldwide Web Research

DOUBLE OPT MEDIA PARTNERS LLC

The application setup3.exe, “Setup Application” by DOUBLE OPT MEDIA PARTNERS, has been detected as adware by 17 anti-malware scanners. The program is a setup application that uses the Setup Factory installer. It is also typically executed from the user's temporary directory.

Publisher:
Double Opt Media (signed by DOUBLE OPT MEDIA PARTNERS LLC)

Product:
Worldwide Web Research

Description:
Setup Application

Version:
1.0.4.0

MD5:
1081b938fe007ecf95237afd5cc87cd4

SHA-1:
ee4967cf3a6d6e5621d95e6f71beab55b2de1290

SHA-256:
88e2f876b43a6d6c57a2c013a24b30a192a429049baec81b8f20771714689104

Scanner detections:
17 / 68

Status:
Adware

Analysis date:
12/25/2024 1:34:18 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.2025005 | 696 |
| Avira AntiVirus | TR/Rogue.6731000 | 7.11.215.52 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-150310 |
| AVG | AdLoad.N | 2016.0.3174 |
| Bitdefender | Trojan.GenericKD.2025005 | 1.0.20.345 |
| Dr.Web | Trojan.DownLoader11.45909 | 9.0.1.069 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2025005 | 8.15.03.10.05 |
| F-Secure | Trojan.GenericKD.2025005 | 11.2015-10-03_3 |
| G Data | Trojan.GenericKD.2025005 | 15.3.25 |
| Malwarebytes | PUP.Optional.DOM.A | v2015.03.10.05 |
| McAfee | Artemis!1081B938FE00 | 5600.6830 |
| MicroWorld eScan | Trojan.GenericKD.2025005 | 16.0.0.207 |
| nProtect | Trojan.GenericKD.2025005 | 15.03.09.01 |
| Reason Heuristics | PUP.Installer.DoubleOpt Media | 15.3.10.17 |
| Vba32 AntiVirus | Trojan.Inject | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38260 |
| Zillya! Antivirus | Trojan.Inject.Win32.123591 | 2.0.0.2091 |

File size:
6.4 MB (6,731,000 bytes)

Product version:
1.0.4.0

Copyright:
Double Opt Media Copyright © 1992-2012 Double Opt Media

Trademarks:
Double Opt Media is a trademark of Double Opt Media

Original file name:
suf_launch.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\setup3.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
10/9/2014 8:00:00 PM

Valid to:
12/12/2017 7:00:00 AM

Subject:
CN=DOUBLE OPT MEDIA PARTNERS LLC, O=DOUBLE OPT MEDIA PARTNERS LLC, L=Wilmington, S=Delaware, C=US

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0289DEB63998EB06A29C8E7F34C73E75

File PE Metadata
Compilation timestamp:
12/16/2011 2:06:40 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:MVffkDbJ9Dad6uxcAfIWhbUu2Pl/YGZfR0rvFq0aubqIRJtAP:MKDNRE6uGAfhFUu21YQZ0ro0ayRUP

Entry address:
0x29E1

Entry point:
E8, A6, 1D, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 56, 57, 33, F6, BF, C8, AB, 40, 00, 83, 3C, F5, 54, A0, 40, 00, 01, 75, 1D, 8D, 04, F5, 50, A0, 40, 00, 89, 38, 68, A0, 0F, 00, 00, FF, 30, 83, C7, 18, FF, 15, C0, 70, 40, 00, 85, C0, 74, 0C, 46, 83, FE, 24, 7C, D3, 33, C0, 40, 5F, 5E, C3, 83, 24, F5, 50, A0, 40, 00, 00, 33, C0, EB, F1, 8B, FF, 53, 8B, 1D, C4, 70, 40, 00, 56, BE, 50, A0, 40, 00, 57, 8B, 3E, 85, FF, 74, 13, 83, 7E, 04, 01, 74, 0D, 57, FF, D3, 57, E8, 18, FD, FF, FF, 83, 26, 00, 59, 83, C6, 08...
 

Entropy:
7.9764  (probably packed)

Code size:
22 KB (22,528 bytes)
