home

tscloudclientv2_en_setup.exe

Setup Factory 7.0 Runtime

The program is a setup application that uses the Setup Factory installer. The file has been seen being downloaded from www.aveye.net.
Product:
Setup Factory 7.0 Runtime

Description:
Setup Application

Version:
7.0.1.0

MD5:
b43ac23db27e88087a4d9d6822e69bcc

SHA-1:
3de0f4bafa6f21d679e2553dd80d50e02c22e2da

SHA-256:
2a2a9c39c72db228b98357963d7d4104c70b1b32a657ec76e75daa2b6fcc838d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 3:54:42 PM UTC  (today)

File size:
5.7 MB (6,014,430 bytes)

Product version:
7.0.1.0

Copyright:
Setup Engine Copyright © 2004 Indigo Rose Corporation

Trademarks:
Setup Factory is a trademark of Indigo Rose Corporation.

Original file name:
suf70_launch.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tscloudclientv2_en_setup.exe

File PE Metadata
Compilation timestamp:
10/13/2004 11:10:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:nZOG3XOMu9gZKczERULlf5k9Z/WZUovDPMioGdK1+bqyqDlI/YQZuy3lG1:n5fu9gYGEMp5E/cU2DPZoUvbqrDaQQZu

Entry address:
0x12000

Entry point:
BB, C7, 08, 32, 00, 90, 90, BF, 24, 20, 41, 00, 90, 90, BA, 98, 05, 00, 00, 90, 90, FF, 34, 3A, 31, 1C, 24, 8F, 04, 3A, 90, 90, 83, EA, 03, 4A, 90, 90, 75, ED, 2F, 75, 33, 00, C7, 08, 32, 00, C7, 08, 72, 00, 5A, 15, 32, 00, 07, 01, 6B, 00, 19, 1D, 6B, 00, C7, B8, 30, 00, C6, 08, 32, 00, C7, 68, 72, 00, C9, 60, 72, 00, DD, 60, 72, 00, 0B, 6E, 32, 00, CB, 60, 32, 00, DF, 60, 32, 00, C7, 68, 32, 00, CB, 60, 32, 00, DF, 60, 32, 00, C7, 08, 32, 00, C7, 08, 32, 00, E3, 68, 72, 00, C7, 08, 32, 00, C7, 08, 32, 00...
 
[+]

Entropy:
7.9565  (probably packed)

Code size:
20 KB (20,480 bytes)

The file tscloudclientv2_en_setup.exe has been seen being distributed by the following URL.

http://www.aveye.net/TSCloudClientV2_EN_SetUp.exe

Scan tscloudclientv2_en_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.