SetupWizard.exe

Get a Clip

The application SetupWizard.exe by Get a Clip has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Get-a-Clip  (signed by Get a Clip)

Product:
Get-a-Clip

Version:
5.3.0.0

MD5:
91253445b73d7c933fb18f36fcda2956

SHA-1:
ba692ee8aac0a2e9b3f43a87142b91493b072dd3

SHA-256:
f6b126d488989a19c051ee0d4f5fabeee32dca85282882b8e8aacdc728316e21

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 9:42:32 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.GetaClip (L)

Engine version:
16.9.15.2

File size:
3.1 MB (3,226,328 bytes)

Product version:
5.3.0.0

Copyright:
Copyright 2013 (c) Get-a-Clip. All rights reserved.

Original file name:
SetupWizard.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setupwizard.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
1/6/2016 5:09:05 PM

Valid to:
3/23/2017 8:37:13 AM

Subject:
E=info@get-a-clip.com, CN=Get a Clip, O=Get a Clip, L=Garden Grove, S=California, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11214F73BF2EACA0C2BCE07BD34BC3F2079D

File PE Metadata
Compilation timestamp:
9/13/2016 8:18:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:o79ZTAEH8wRphUy9F4LWKDq8sX66hVYxz2:9wR6sX663EK

Entry address:
0x1585B5

Entry point:
E8, A1, A1, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 60, 13, 5F, 00, 75, 02, F3, C3, E9, 3D, 00, 00, 00, 55, 8B, EC, FF, 15, 84, E3, 58, 00, 6A, 01, A3, BC, CA, 5F, 00, E8, FA, A6, 00, 00, FF, 75, 08, E8, 8F, A6, 00, 00, 83, 3D, BC, CA, 5F, 00, 00, 59, 59, 75, 08, 6A, 01, E8, E0, A6, 00, 00, 59, 68, 09, 04, 00, C0, E8, 5D, A6, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, A1, FB, 01, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, A0, C8, 5F, 00, 89, 0D, 9C, C8, 5F, 00, 89, 15, 98, C8, 5F, 00...

Entropy:
6.7417

Code size:
1.5 MB (1,623,040 bytes)
