setup_v2.exe

Tuguu Israel Ltd

This is part of Tuguu DomaIQ, a download manager that bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application setup_v2.exe by Tuguu Israel has been detected as adware by 25 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.

Publisher:
Tuguu Israel Ltd  (signed and verified)

MD5:
c9d6abb15c285d8768b3c64074c579cb

SHA-1:
db912b48dce8f9274ba37638657dc59f66bd862b

SHA-256:
ed1f33bbe118fb21d7ecaee7593d855dd357ec247dd588ed18454456e584f21c

Scanner detections:
25 / 68

Status:
Adware

Explanation:
The software bundles potentially unwanted offers during setup including toolbars and adware.

Analysis date:
12/26/2024 2:46:16 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Bundler.DomaIQ.C | 978 |
| Agnitum Outpost | PUA.DomaIQ | 7.1.1 |
| Avira AntiVirus | APPL/DomaIQ.Gen | 7.11.152.90 |
| avast! | DomaIQ-CO [PUP] | 140531-1 |
| AVG | Adware Skodna.Bundle_r.W | 2014.0.3955 |
| Bitdefender | Application.Bundler.DomaIQ.C | 1.0.20.760 |
| Comodo Security | Application.Win32.DomaIQ.URT | 18402 |
| Dr.Web | Trojan.DownLoader9.15042 | 9.0.1.05190 |
| ESET NOD32 | Win32/DomaIQ.AZ potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/DomaIQ.D3.gen | v6.4.7.1.166 |
| F-Secure | Adware:W32/DomaIQ | 11.2014-01-06_1 |
| G Data | Application.Bundler.DomaIQ | 14.6.24 |
| IKARUS anti.virus | Win32.AdWare | t3scan.1.6.1.0 |
| K7 AntiVirus | Unwanted-Program | 13.178.12257 |
| Kaspersky | not-a-virus:AdWare.MSIL.DomaIQ | 15.0.0.463 |
| Malwarebytes | PUP.Optional.Domalq | v2014.06.01.08 |
| McAfee | Adware-DomaIQ!131E2464FBA8 | 5600.7112 |
| MicroWorld eScan | Application.Bundler.DomaIQ.C | 15.0.0.456 |
| NANO AntiVirus | Trojan.Win32.DomaIQ.ctadmg | 0.28.0.59921 |
| Panda Antivirus | PUP/MultiToolbar.A | 14.06.01.08 |
| Reason Heuristics | PUP.Installer.TuguuIsrael.L | 14.8.7.22 |
| Sophos | DomainIQ pay-per install | 4.98 |
| SUPERAntiSpyware | Adware.DomaIQ/Variant | 10569 |
| Vba32 AntiVirus | BScope.Downware.DomaIQ | 3.12.26.0 |
| VIPRE Antivirus | Threat.4783235 | 29800 |

File size:
313 KB (320,512 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setup_v2.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
6/11/2013 7:00:00 PM

Valid to:
8/20/2014 7:00:00 AM

Subject:
CN=Tuguu Israel Ltd, O=Tuguu Israel Ltd, L=RAMAT GAN, C=IL

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
06FD356584CBF71B04A7AFE790A2329F

File PE Metadata
Compilation timestamp:
1/29/2014 1:41:29 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:Nwbqks+CRoRrxK00jN/wfLERu8XcN0K8XL/2qQdpt8PLcgcW9U004NOFVqDlEQZJ:Nweks+CRO0mfLL8vHzstcF93/Y8

Entry address:
0x1576

Entry point:
E8, CC, 26, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, D8, CF, 40, 00, 89, 0D, D4, CF, 40, 00, 89, 15, D0, CF, 40, 00, 89, 1D, CC, CF, 40, 00, 89, 35, C8, CF, 40, 00, 89, 3D, C4, CF, 40, 00, 66, 8C, 15, F0, CF, 40, 00, 66, 8C, 0D, E4, CF, 40, 00, 66, 8C, 1D, C0, CF, 40, 00, 66, 8C, 05, BC, CF, 40, 00, 66, 8C, 25, B8, CF, 40, 00, 66, 8C, 2D, B4, CF, 40, 00, 9C, 8F, 05, E8, CF, 40, 00, 8B, 45, 00, A3, DC, CF, 40, 00, 8B, 45, 04, A3, E0, CF, 40, 00, 8D, 45, 08, A3, EC, CF, 40...

Entropy:
5.8864

Code size:
30.5 KB (31,232 bytes)
