setupchrome updates.exe

Network Downloads

The application setupchrome updates.exe by Network Downloads has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the Unlimited Downloads installer. With this installer, users are expecting to download Google's Chrome web browser but before that occurs they may be presented with additional offers, mostly potentially unwanted software or adware. The file has been seen being downloaded from files.getupdatesnow.com and multiple other hosts.
Publisher:
Network Downloads  (signed and verified)

MD5:
75eadbb81221244c27df39adac91991f

SHA-1:
24bb7ef0ef81090ef22d8980dad9c99936c56886

SHA-256:
d53ee87fdf79eec7a1f3a399a86a6b7bed634ef55f6ceb82f6c1892e0a0cdb2d

Scanner detections:
22 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 4:56:35 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.2019573
786

AhnLab V3 Security
PUP/Win32.Agent
2014.12.11

avast!
Win32:Malware-gen
2014.9-141211

AVG
Networkd
2015.0.3264

Bitdefender
Trojan.GenericKD.2019573
1.0.20.1725

Dr.Web
Trojan.DownLoader11.48581
9.0.1.0345

Emsisoft Anti-Malware
Trojan.GenericKD.2019573
8.14.12.11.11

Fortinet FortiGate
W32/Genome.MKME!tr.dldr
12/11/2014

F-Secure
Trojan.GenericKD.2019573
11.2014-11-12_5

G Data
Trojan.GenericKD.2019573
14.12.24

Kaspersky
Trojan-Downloader.Win32.Genome
14.0.0.2813

McAfee
Artemis!75EADBB81221
5600.6920

Microsoft Security Essentials
TrojanDownloader:MSIL/Hovlix.A
1.11202

MicroWorld eScan
Trojan.GenericKD.2019573
15.0.0.1035

Norman
Downloader.HKZX
11.20141211

nProtect
Trojan.GenericKD.2019573
14.12.10.01

Panda Antivirus
Trj/CI.A
14.12.11.11

Qihoo 360 Security
HEUR/QVM20.1.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.Installer.NetworkDownloads.T
14.12.13.19

Trend Micro House Call
Suspicious_GEN.F47V1203
7.2.345

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
35614

File size:
119.8 KB (122,704 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Unlimited Downloads

Common path:
C:\users\{user}\downloads\setupchrome updates.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
9/14/2014 5:00:00 PM

Valid to:
9/16/2015 5:00:00 AM

Subject:
CN=Network Downloads, O=Network Downloads, L=Grosse Pointe Farms, S=Michigan, C=US

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0B2EC090B38AEBF3F19576B82389BAE7

File PE Metadata
Compilation timestamp:
12/7/2011 6:34:37 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
3072:gbAvO4TKWY63JV3Qoaa55W47GcV77b5QYO5:BvhKs33Qoaa5M4Sk3OJ

Entry address:
0x3E0F

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, E8, B4, 52, 00, 00, C7, 04, 24, 01, 80, 00, 00, E8, 58, 4F, 00, 00, 53, C7, 04, 24, 00, 00, 00, 00, E8, C3, 52, 00, 00, 51, A3, 40, 5B, 42, 00, C7, 04, 24, 08, 00, 00, 00, E8, 3F, 32, 00, 00, A3, F0, 5B, 42, 00, 8D, 85, 84, FE, FF, FF, 52, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 4C, B2, 40, 00, E8, ED, 51, 00, 00, 83, EC, 14, C7, 44, 24, 04, 4D, B2, 40, 00, C7, 04, 24, 20, 5C...
 
[+]

Entropy:
7.5144

Code size:
32.5 KB (33,280 bytes)

The file setupchrome updates.exe has been seen being distributed by the following 5 URLs.

Remove setupchrome updates.exe - Powered by Reason Core Security