setup_076.exe

March Hare Software Ltd

This is a self-extracting archive and installer.
Publisher:
March Hare Software Ltd  (signed and verified)

Description:
Setup/Uninstall

Version:
51.51.0.0

MD5:
1ce2b338c2e5de90fb17c7fced87691a

SHA-1:
8308cab8f70ac823ceaecba14f4b2cdf64077765

SHA-256:
2e05ec4708b8acdd7a78900289e5b8984f9606db7b21c95407898c22571787f8

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/27/2024 5:35:48 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Searcher.1222
9.0.1.05190

Kaspersky
Trojan-Downloader.NSIS.Chindo
15.0.0.562

File size:
1.8 MB (1,880,480 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\tfeimlpe\setup_076.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/8/2015 8:00:00 AM

Valid to:
6/10/2018 7:59:00 AM

Subject:
CN=March Hare Software Ltd, OU=March Hare Software Ltd, L=London, S=., C=GB

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0800275640C223061C2646FAE79B557F

File PE Metadata
Compilation timestamp:
12/6/2009 6:50:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:HfByGz/dGBUl6211zQsxzf0QAM0finTfpYQUJFXmRQo6:HpV/octbd0QZ06nTKQUJlmG

Entry address:
0x30CB

Entry point:
B8, 14, 92, 49, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, B0, E7, BF, 05, D2, B3, AF, EC, 66, 9C, 54, F3, C8, 91, 6C, 6C, 25, 5E, AD, 68, 3A, 3D, 82, 11, 29, 09, 98, CC, 23, DA, 56, 82, 21, 76, 40, 4B, 27, E9, 0B, 2E, E6, 57, ED, FB, FB, B8, 29, 63, 39, 6E, A7, 94, 6C, A6, E2, 7E, 41, C9, FB, 91, D0, 38, BB, E7, E7, 85, EE, B1, 08, 6A, 77, 88, 71, 86, A2, 36, B9, 0F, 4A, 35, B4, B5, 1B, 4E, 91, DD, 45, 6B, F2, E4, D6, 95, 86...
 
[+]

Entropy:
7.9939

Packer / compiler:
PECompact v2

Code size:
22.5 KB (23,040 bytes)

Scan setup_076.exe - Powered by Reason Core Security