The QuickBooks Setup msi File Malware Analysis
The QuickBooks_Setup.msi File Analysis

Technical Analysis

File Name: QuickBooks_Setup.msi
File Type: Windows Installer
Magic Bytes: Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: *Bad* 0x32a9f8804b223160, Create Time/Date: *Bad* 0x32a9f8804b223160, Last Saved Time/Date: *Bad* 0x366b46405f64befb, Security: 0, Code page: 1252, Revision Number: {32B03926-9B26-4EC3-A6F4-B71EF2E0538F}, Number of Words: 2, Subject: QuickBooks Desktop Download, Author: lntuitInc., Name of Creating Application: QuickBooks Desktop Download, Template: ;1033, Comments: This installer database contains the logic and data required to install QuickBooks Desktop Download., Title: Installation Database, Keywords: Installer, MSI, Database, Number of Pages: 200
SSDEEP Hash: 98304:1Yk8Y7sDAi/5GCyJL81ojocVtpQIxcknkmLoLbKxc7fUi:BGeL81oEcjdc/mEVQi
Scanner Version: 1.0.224.174
Database Version: 2025-09-18 16:01:09 UTC

Suspicious File Detected

Detected by 33 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

Detection Rate: 52%
File Size (bytes): 3,900,928
Engines Detected: 33/63
Analysis Date: 2025-09-18

File Identification

Hash Type: Value
MD5: 675d05c2a81ec2148a6181ad1c60813d
SHA1: 3228ecdcca80366c4bc947186ba44e10d7fb47ba
SHA256: 90dd27602fdfd90c7390056676aa5636003b34895e80a946794af36cf596cd36
SHA512: 1563e9f8427b3b7042e034b9a703461c015e3e9e7bc091abf752356d776f51c792539077b73b84a1a30007296a037cacf13f443e40ac419411485c6b95f57f51

Security Engines with Detections (33 of 63)

Lionic: Trojan.Win32.Generic.4!c - Malicious
MicroWorld-eScan: Trojan.GenericKD.74156625 - Malicious
CTX: msi.trojan.fakeqb - Malicious
CAT-QuickHeal: Trojan.Ghanarava.173174849418c0cc - Malicious
Skyhigh: Artemis!Trojan - Malicious
ALYac: Trojan.GenericKD.74156625 - Malicious
Zillya: Trojan.Agent.Win32.4011666 - Malicious
K7AntiVirus: Trojan ( 005690671 ) - Malicious
K7GW: Trojan ( 005690671 ) - Malicious
VirIT: Trojan.MSI.Agent.HHE - Malicious
Symantec: Trojan.Gen.MBT - Malicious
ESET-NOD32: Win32/GenCBL.FGT - Malicious
TrendMicro-HouseCall: TROJ_GEN.R002H09IL24 - Malicious
Avast: Win32:Malware-gen - Malicious
BitDefender: Trojan.GenericKD.74156625 - Malicious
NANO-Antivirus: Trojan.Win32.TrjGen.krfrjp - Malicious
Rising: Trojan.Agent!8.B1E (CLOUD) - Malicious
Emsisoft: Trojan.GenericKD.74156625 (B) - Malicious
DrWeb: BackDoor.Siggen2.4873 - Malicious
VIPRE: Trojan.GenericKD.74156625 - Malicious
TrendMicro: PUA.MSIL.FakeQB.B - Malicious
Sophos: Mal/Generic-S - Malicious
Ikarus: Trojan.Win32.Generic - Malicious
Google: Detected - Malicious
Xcitium: Malware@#2e2rl27f6ifja - Malicious
Arcabit: Trojan.Generic.D46B8A51 - Malicious
GData: Trojan.GenericKD.74156625 - Malicious
Varist: W32/FakeQB.A.gen!Eldorado - Malicious
VBA32: TScope.Trojan.MSIL - Malicious
TrellixENS: Artemis!4C6FFC65FEBD - Malicious
Fortinet: PossibleThreat - Malicious
AVG: Win32:Malware-gen - Malicious
alibabacloud: Trojan:Win/GenCBL.FUB - Malicious

30 engines reported no threats - Only engines with detections are shown above for clarity

Certificate Chain Analysis

Certificate Information

Signing Date: 12:07 PM 06/22/2024 (453 days ago)
Verification Status: A certificate was explicitly revoked by its issuer.
Signers: Siam Computer (MD Kamrul Hassan); Sectigo Public Code Signing CA EV R36; Sectigo Public Code Signing Root R46; Sectigo (AAA)
Counter Signers: Sectigo RSA Time Stamping Signer #4; Sectigo RSA Time Stamping CA; Sectigo

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection

33 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.
