× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5e5a8f3b318f077ad371e460a651f2e0f53ad52a92afda395dcf39efc721d46f
File name: setup.tmp
Detection ratio: 0 / 66
Analysis date: 2017-12-16 16:01:34 UTC ( 1 month ago )
Antivirus Result Update
Ad-Aware 20171216
AegisLab 20171216
AhnLab-V3 20171216
Alibaba 20171215
ALYac 20171216
Antiy-AVL 20171216
Arcabit 20171215
Avast 20171216
Avast-Mobile 20171215
AVG 20171216
Avira (no cloud) 20171216
AVware 20171216
Baidu 20171216
BitDefender 20171216
Bkav 20171216
CAT-QuickHeal 20171216
ClamAV 20171216
CMC 20171216
Comodo 20171216
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171216
Cyren 20171216
DrWeb 20171216
eGambit 20171216
Emsisoft 20171216
Endgame 20171130
ESET-NOD32 20171216
F-Prot 20171216
F-Secure 20171216
Fortinet 20171216
GData 20171216
Ikarus 20171216
Sophos ML 20170914
Jiangmin 20171216
K7AntiVirus 20171216
K7GW 20171214
Kaspersky 20171216
Kingsoft 20171216
Malwarebytes 20171216
MAX 20171216
McAfee 20171216
McAfee-GW-Edition 20171216
Microsoft 20171216
eScan 20171216
NANO-Antivirus 20171216
nProtect 20171216
Palo Alto Networks (Known Signatures) 20171216
Panda 20171216
Qihoo-360 20171216
Rising 20171216
SentinelOne (Static ML) 20171207
Sophos AV 20171216
SUPERAntiSpyware 20171216
Symantec 20171215
Symantec Mobile Insight 20171215
Tencent 20171216
TheHacker 20171210
TrendMicro-HouseCall 20171216
Trustlook 20171216
VBA32 20171215
VIPRE 20171216
ViRobot 20171216
Webroot 20171216
WhiteArmor 20171204
Yandex 20171216
Zillya 20171214
ZoneAlarm by Check Point 20171216
Zoner 20171216
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 51.52.0.0
Description Setup/Uninstall
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000CA568
Number of sections 8
PE sections
PE imports
RegDeleteKeyA
GetTokenInformation
LookupPrivilegeValueA
RegCloseKey
EqualSid
OpenProcessToken
GetUserNameA
FreeSid
RegQueryValueExA
AllocateAndInitializeSid
OpenThreadToken
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA
AdjustTokenPrivileges
ImageList_BeginDrag
ImageList_SetBkColor
ImageList_GetImageInfo
InitCommonControls
ImageList_SetDragCursorImage
ImageList_GetDragImage
ImageList_Create
ImageList_DragMove
ImageList_DrawEx
ImageList_SetIconSize
ImageList_GetImageCount
ImageList_Replace
ImageList_SetOverlayImage
ImageList_Destroy
ImageList_LoadImage
ImageList_AddMasked
ImageList_Draw
ImageList_GetIconSize
ImageList_DragLeave
ImageList_GetBkColor
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_Add
ImageList_DragShowNolock
ImageList_Remove
ImageList_EndDrag
GetOpenFileNameA
GetSaveFileNameA
GetBitmapBits
AddFontResourceA
CreateICA
Arc
GetWindowOrgEx
PatBlt
GetClipBox
GetCurrentPositionEx
SaveDC
TextOutA
CreateFontIndirectA
GetTextMetricsA
CreateBrushIndirect
SetStretchBltMode
EnumFontsA
GetPixel
Rectangle
GetObjectA
ExcludeClipRect
LineTo
DeleteDC
RestoreDC
SetBkMode
GetSystemPaletteEntries
SetPixel
EndDoc
CreateSolidBrush
StartPage
DeleteObject
IntersectClipRect
BitBlt
CreateCompatibleBitmap
RealizePalette
SetTextColor
ExtFloodFill
GetDeviceCaps
MoveToEx
SetAbortProc
CreateDCA
CreateBitmap
RectVisible
CreatePalette
GetStockObject
CreateDIBitmap
SetViewportOrgEx
SelectPalette
ExtTextOutA
UnrealizeObject
GetDIBits
SetTextAlign
SelectClipRgn
RoundRect
StretchBlt
StretchDIBits
CreateCompatibleDC
Chord
SetROP2
EndPage
CreateRectRgn
RemoveFontResourceA
SelectObject
StartDocA
Pie
Ellipse
GetPaletteEntries
SetWindowOrgEx
Polyline
GetTextExtentPointA
SetBkColor
LineDDA
GetTextExtentPoint32A
CreatePenIndirect
GetStdHandle
ReleaseMutex
FileTimeToSystemTime
CreateFileMappingA
GetOverlappedResult
WaitForSingleObject
GetDriveTypeA
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
SetErrorMode
GetLogicalDrives
GetFullPathNameA
WideCharToMultiByte
GetFileAttributesA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
SetFileAttributesA
FreeLibrary
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetLastError
GetSystemTime
DeviceIoControl
GetEnvironmentVariableA
GetUserDefaultLangID
CopyFileA
ExitProcess
FlushFileBuffers
GetModuleFileNameA
LoadLibraryExA
GetPrivateProfileStringA
WriteProfileStringA
GetSystemDefaultLCID
MultiByteToWideChar
CreateMutexA
GetModuleHandleA
CreateThread
SetNamedPipeHandleState
GlobalAddAtomA
MulDiv
GetSystemDirectoryA
MoveFileExA
TerminateProcess
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetVersion
SetCurrentDirectoryA
EnterCriticalSection
TerminateThread
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
GetVersionExA
LoadLibraryA
RtlUnwind
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GlobalLock
GlobalReAlloc
lstrcmpA
FindFirstFileA
GetProfileStringA
CompareStringA
GetComputerNameA
FindNextFileA
GetProcAddress
CreateEventA
GetFileType
TlsSetValue
CreateFileA
LeaveCriticalSection
GetLastError
GlobalDeleteAtom
GetSystemInfo
GlobalFree
GlobalUnlock
IsDBCSLeadByte
CreateNamedPipeA
RemoveDirectoryA
GetShortPathNameA
FileTimeToLocalFileTime
SizeofResource
CompareFileTime
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
SetFileTime
GetCurrentDirectoryA
GetCommandLineA
GetCurrentThread
OpenMutexA
RaiseException
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
TransactNamedPipe
GetACP
GetCurrentThreadId
FreeResource
CreateProcessA
UnmapViewOfFile
VirtualFree
Sleep
FindResourceA
VirtualAlloc
WNetOpenEnumA
WNetGetUniversalNameA
WNetEnumResourceA
WNetCloseEnum
WNetGetConnectionA
CoUninitialize
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
CLSIDFromProgID
CoDisconnectObject
IsEqualGUID
CoTaskMemFree
SysStringLen
SysAllocStringLen
RegisterTypeLib
VariantCopyInd
VariantClear
GetActiveObject
SafeArrayCreate
LoadTypeLib
SysFreeString
SafeArrayPutElement
VariantChangeTypeEx
SHGetFileInfoA
ExtractIconA
ShellExecuteExA
SHChangeNotify
SHBrowseForFolder
SHGetPathFromIDList
SHGetMalloc
ShellExecuteA
MapWindowPoints
GetMessagePos
SetWindowRgn
CharPrevA
CharLowerBuffA
SetRectEmpty
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
OemToCharBuffA
DispatchMessageA
EndPaint
ScrollWindowEx
CharUpperBuffA
WindowFromPoint
DrawIcon
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
GetClassInfoA
SendMessageW
UnregisterClassA
SendMessageA
GetClientRect
DrawTextW
SetScrollPos
CallNextHookEx
ClientToScreen
GetActiveWindow
ShowCursor
MsgWaitForMultipleObjects
ScrollWindow
GetWindowTextA
PtInRect
GetMessageA
GetParent
UpdateWindow
SetPropA
EqualRect
EnumWindows
DefMDIChildProcA
ShowWindow
GetPropA
GetDesktopWindow
CharToOemBuffA
DestroyIcon
TranslateMDISysAccel
EnableWindow
SetWindowPlacement
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
InsertMenuItemA
CreatePopupMenu
GetIconInfo
LoadStringA
SetParent
CharLowerA
IsZoomed
GetWindowPlacement
GetWindowRgn
DrawMenuBar
IsWindow
IsIconic
RegisterClassA
GetMenuItemCount
GetWindowLongA
SetTimer
OemToCharA
ShowOwnedPopups
FillRect
EnumThreadWindows
CharNextA
WaitForInputIdle
GetSysColorBrush
CreateMenu
DestroyWindow
IsChild
IsDialogMessageA
SetFocus
SendNotifyMessageA
MapVirtualKeyA
DrawEdge
SetCapture
BeginPaint
OffsetRect
GetScrollPos
CopyIcon
KillTimer
RegisterWindowMessageA
DefWindowProcA
DrawFocusRect
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
PostMessageA
ReleaseCapture
CreateWindowExA
SetWindowLongA
RemovePropA
SetWindowTextA
CheckMenuItem
GetSubMenu
GetLastActivePopup
DrawIconEx
GetDCEx
GetDlgItem
BringWindowToTop
AppendMenuA
ScreenToClient
InsertMenuA
LoadCursorA
LoadIconA
TrackPopupMenu
SetWindowsHookExA
GetMenuStringA
GetMenuState
GetSystemMenu
SetForegroundWindow
ExitWindowsEx
DrawTextA
IntersectRect
CreateIcon
GetCapture
WaitMessage
FindWindowA
MessageBeep
RemoveMenu
GetWindowThreadProcessId
GetMenu
DrawFrameControl
UnhookWindowsHookEx
MoveWindow
CallWindowProcA
MessageBoxA
GetClassNameA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
SetScrollInfo
GetKeyState
SystemParametersInfoA
EnableMenuItem
GetKeyNameTextA
IsWindowVisible
SetMenu
WinHelpA
FrameRect
SetRect
DeleteMenu
InvalidateRect
DefFrameProcA
SendMessageTimeoutA
CreateAcceleratorTableA
CallWindowProcW
GetClassInfoW
IsRectEmpty
GetCursor
GetFocus
ReplyMessage
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
EnumPrintersA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Number of PE resources by type
RT_STRING 20
RT_RCDATA 10
RT_GROUP_CURSOR 6
RT_CURSOR 6
RT_ICON 4
RT_BITMAP 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 41
ENGLISH US 5
CHINESE SIMPLIFIED 5
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
2.25

ImageVersion
6.0

FileVersionNumber
51.52.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
137216

EntryPoint
0xca568

MIMEType
application/octet-stream

FileVersion
51.52.0.0

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

FileDescription
Setup/Uninstall

OSVersion
1.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
825344

FileSubtype
0

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Execution parents
File identification
MD5 f65dad3b880a08cd2443cfb584d56cf5
SHA1 e1674444a7ceaa443bd09d9806aabd22f24cc1ce
SHA256 5e5a8f3b318f077ad371e460a651f2e0f53ad52a92afda395dcf39efc721d46f
ssdeep
24576:QEOkNzbZrPC37HzH1A6/flFCXVoEluUMJYDExa+:Qv8rPC37HzH1A6/CJuUQ

authentihash f2158f9da996031213089422dc6494b76f5be202bda4aa54942d83bba13e6cbe
imphash a2449d4160b59e7f523a1790ed0ed3a0
File size 894.0 KB ( 915456 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Windows ActiveX control (37.9%)
Inno Setup installer (35.7%)
InstallShield setup (14.0%)
Win32 Executable Delphi generic (4.6%)
Windows screen saver (4.2%)
Tags
peexe

VirusTotal metadata
First submission 2011-07-10 19:19:42 UTC ( 6 years, 6 months ago )
Last submission 2017-09-15 10:12:27 UTC ( 4 months ago )
File names setup.tmp
SVP_3.1.5.tmp
setup OddPlanet.tmp
UltimateSetup.tmp
Winstep_Xtreme_12.2.tmp
Setup.tmp
setup.tmp
setup.tmp
98F01D080037A76CF8830D429E7904009EEDFCFF.tmp
f65dad3b880a08cd2443cfb584d56cf5
5e5a8f3b318f077ad371e460a651f2e0f53ad52a92afda395dcf39efc721d46f.vir
setup.tmp
SETUP.TMP
UltimateSetup.tmp
file-4322295_tmp
setup.tmp
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!