» startuplite-setup-1.07.exe
Overview
Analysis
File Details
Programs (3)
Downloads (17)

startuplite-setup-1.07.exe

Malwarebytes' StartUpLite

Malwarebytes

This is installed with multiple programs including FileASSASSIN. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

startuplite-setup-1.07.exe

Publisher:

Malwarebytes (signed and verified)

Product:

Malwarebytes' StartUpLite

Version:

1.00.0007

MD5:

008de55baed62fbe32a983a54e6f1233

SHA-1:

3f942acd9818a03210cdea0dc953381aff099467

SHA-256:

bcc5b272ddcfc81a97c078a94fab88f39d9a26e1d8f5ab8a9b078df7392e8dad

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/5/2024 11:46:32 AM UTC (today)

File size:

199.7 KB (204,496 bytes)

Product version:

1.00.0007

Original file name:

StartUpLite.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\startuplite-setup-1.07.exe

Digital Signature

Signed by:

Malwarebytes

Authority:

The USERTRUST Network

Valid from:

8/20/2007 5:00:00 PM

Valid to:

8/20/2008 4:59:59 PM

Subject:

CN=Malwarebytes, O=Malwarebytes, STREET=147 Henderson St., L=Bensenville, S=IL, PostalCode=60106, C=US

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

407D5F641FB1E3712CA97E98D68AF0CB

File PE Metadata

Compilation timestamp:

1/9/2008 4:07:21 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:Z0VF/SuHczFOXGrHCLXekzpU/VEa7LXekzp5d4zgu5CYZzphXeDdq:Z0AFeSkzps17Skzp5mzLzpgDdq

Entry address:

0x1640

Entry point:

68, 48, 18, 40, 00, E8, F0, FF, FF, FF, 00, 00, 58, 00, 00, 00, 30, 00, 00, 00, 50, 00, 00, 00, 40, 00, 00, 00, 7E, 7E, 18, E1, 73, 06, 27, 42, 90, FF, CE, 87, 0F, 0C, E6, BD, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 42, 00, 82, 50, 82, 01, 53, 74, 61, 72, 74, 55, 70, 4C, 69, 74, 65, 00, D4, AA, A1, 01, 53, 74, 61, 72, 74, 55, 70, 4C, 69, 74, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A0, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 01, 00, 00, 00, BC, 28, 26, 0F, 11, 34, 53, 41... 
[+]

Entropy:

4.9842

Developed / compiled with:

Microsoft Visual Basic v5.0/v6.0

Code size:

156 KB (159,744 bytes)

The file startuplite-setup-1.07.exe has been discovered within the following programs.

EasyCleaner by ToniArts

Publisher's description - “EasyCleaner is a small program that searches through Windows registry for entries that are pointing nowhere. EasyCleaner also lets you delete all kinds of unnecessary files like temps and backups.”

personal.inet.fi/business/toniarts

40% remove it

FileASSASSIN by Malwarebytes Corporation

Publisher's description - “FileAssassin can delete locked malware files on your system. It uses advanced techniques to unload modules, close remote handles, and terminate processes to allow the removal of the file. Simply download FileAssassin, unzip the file, and run the installer.”

www.malwarebytes.org

5% remove it

Toolwiz Time Freeze 2016 by ToolWiz

www.Toolwiz.com

About 4% of users remove it

The file startuplite-setup-1.07.exe has been seen being distributed by the following 17 URLs.

http://gsf-cf.softonic.com/3f9/42a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69674669&instance=softonic_es&type=PROGRAM&Expires=1447588753&Signature=LDCpFCc2qdKuY5YakH0DaVySgbpuDSHzOriyAfY99dSsGDygTpakEJJkixFTVahR0rDOsm9R-T0JmRjQADmKjey-R4nj78upLSfm9n6ybXmcW~AR8XboWU6tiiUFVzs~Q5hI9287zKuRM6V~kFBMEOmjUTM9F3ZwyI5q5C7PRpE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StartUpLite.exe

https://docs.google.com/uc?authuser=0&id=0B4jrsEBJ6wKzTzN5MTM1MGllSDg&export=download

http://migre.me/nFkAN

http://ar.softoware.net/get-startuplite.html?ir=1

https://downloads.malwarebytes.com/.../startuplite

http://downloads.malwarebytes.com/.../startuplite

http://www.techspot.com/downloads/downloadnow/.../?evp=86ab6f66c8bee549dc4c54bdcf231e2c&file=1

https://data-cdn.mbamupdates.com/.../startuplite-setup-1.07.exe

https://downloads.malwarebytes.org/.../startuplite

https://dl-web.dropbox.com/.../StartUpLite.exe

http://it.malwarebytes.org/StartUpLite.exe

http://fr.malwarebytes.org/StartUpLite.exe

http://www.commentcamarche.net/download/.../telecharger-34065619-startuplite

http://www.malwarebytes.org/StartUpLite.exe

http://software-files-a.cnet.com/s/software/10/79/70/.../StartUpLite.exe

http://data-cdn.mbamupdates.com/v1/tools/startuplite/.../startuplite-setup-1.07.exe

http://downloads.malwarebytes.org/.../startuplite

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.