xwidget_setup.exe

XWidget

XWidget Software

This is a setup and installation application. The file has been seen being downloaded from zr3mzw.bn1303.livefilestore.com and multiple other hosts.
Publisher:
XWidget Software

Product:
XWidget

Description:
XWidget Setup

Version:
1.881

MD5:
84db97010d068a7709c28c560ef04a3b

SHA-1:
2879bc2e6057ddf906158dab52791888134e6ca5

SHA-256:
be07e9459b9c01e77f9f8753c4a5dea6356f9f53462d0db9a218fb39e0bbf76a

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/6/2024 12:48:49 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/FakeInstall.A.gen
v6.4.7.1.166

File size:
8.9 MB (9,286,004 bytes)

Product version:
1.881

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\xwidget_setup.exe

File PE Metadata
Compilation timestamp:
12/20/2011 3:16:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:PPB4y+mdRiRwIKLFAkbZfGkfCX8KOV462qWR8O6AZio34Kz:PZJtdR6wIKZJJK8K562iQMK

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file xwidget_setup.exe has been discovered within the following program.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file xwidget_setup.exe has been seen being distributed by the following 15 URLs.

https://zr3mzw.bn1303.livefilestore.com/.../xwidget_setup.exe

Scan xwidget_setup.exe - Powered by Reason Core Security