» silentsddsetup.exe
Overview
Analysis
File Details

silentsddsetup.exe

Savepath Deals

The application silentsddsetup.exe by Savepath Deals has been detected as adware by 5 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory.

File name:

silentsddsetup.exe

Publisher:

Savepath Deals (signed and verified)

MD5:

fa2fce14a8d43b8a2d35c2c5108be206

SHA-1:

5c6979e8cd7e35dc977c53dc03b993fe432bb859

SHA-256:

01292cdf74049bae4bc4e4a34c3480d68c9e18c2fd15b09f8810013086b427fe

Scanner detections:

5 / 68

Status:

Adware

Analysis date:

11/5/2024 2:50:20 AM UTC (today)

Scan engine

Detection

Engine version

AVG

MalSign.Savepath

2016.0.3216

McAfee

Artemis!FA2FCE14A8D4

5600.6872

Reason Heuristics

PUP.Installer.SavepathDeals

15.1.28.9

Trend Micro House Call

TROJ_GEN.F47V0123

7.2.28

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.24.3

File size:

1.9 MB (2,016,896 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\silentsddsetup.exe

Digital Signature

Signed by:

Savepath Deals

Authority:

COMODO CA Limited

Valid from:

5/16/2013 8:00:00 PM

Valid to:

5/17/2014 7:59:59 PM

Subject:

CN=Savepath Deals, O=Savepath Deals, STREET=2526 W Macarthur blvd, STREET=UNIT G, L=Santa Ana, S=CA, PostalCode=92704, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

0080BC518A6FEE7C80D4DA50F0F5EEB4DA

File PE Metadata

Compilation timestamp:

12/24/2013 2:43:37 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

49152:LAjUKzG46WE3jpZlDyTcVu3wJosPymgwtDgeicNkHANe:8zkjvlwDKosPymg7cNq

Entry address:

0x105ED

Entry point:

E8, 4D, 7B, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 84, D2, 42, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 70, B8, 42, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 84, D2, 42, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8... 
[+]

Entropy:

7.8946 (probably packed)

Code size:

123 KB (125,952 bytes)

Remove silentsddsetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.