home

bitlord-installer.exe

House of Life

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application bitlord-installer.exe by House of Life has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.universebestapps.com and multiple other hosts.
Publisher:
House of Life  (signed and verified)

MD5:
9ef5c2f7d6f05e725faf667b070c7635

SHA-1:
7a830cb8d294235ba74dc74e49f3bb78b3eb8381

SHA-256:
e3a6309d6103d772d23578d01a776b09c56654322a948c563debd17a8bca7b16

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
11/6/2024 1:29:21 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Threat.Installer.HouseofLife
15.5.16.15

File size:
433.8 KB (444,176 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Nullsoft Install System)

Common path:
C:\users\{user}\downloads\bitlord-installer.exe

Digital Signature
Signed by:
House of Life

Authority:
COMODO CA Limited

Valid from:
5/13/2015 5:00:00 PM

Valid to:
5/13/2017 4:59:59 PM

Subject:
CN=House of Life, OU=Property, O=House of Life, STREET=Oelnes, L=Sogndal, S=Outside United States, PostalCode=6856, C=NO

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
7D10B220FDFA59C2BD4E1AF300EBA218

File PE Metadata
Compilation timestamp:
5/11/2014 1:03:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:oDQkrZoosbIfXJ6JCXrlORlxN6oDNF1phPTOHMEbXmF5+K8/70TplyHig+w7:oDpoeVXrlO7FFrhysEbXyTg7slyHig+e

Entry address:
0x3217

Entry point:
81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 89, 5C, 24, 20, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 08, A3, 98, 37, 42, 00, E8, AD, 2D, 00, 00, A3, E4, 36, 42, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, A0, EC, 41, 00, FF, 15, 64, 71, 40, 00, 68, E4, 91, 40, 00, 68, E0, 2E, 42, 00, E8, 57, 2A, 00, 00, FF, 15, B0, 70, 40, 00, BD, 00, 90, 42, 00, 50, 55, E8, 45, 2A...
 
[+]

Entropy:
5.8238

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file bitlord-installer.exe has been seen being distributed by the following 50 URLs.

http://www.universebestapps.com/c?x=bmS2rZ68EEdVBRiDfmteAN5zvNHjcKzkT D9iQ1IIiE=&c=EPVQD0hxuzY4opEIwW1zooxyfaHHHpb4z2 KY/.../olW9Z6KngTMuxuyeIyFXiR8q13M26zWJz92XwmKR6sVBYc&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=p CKvrt4aXhB91JNbtEoAs3DLhTJeE9f jLY06Cd/RA=&c=Hfv9UxPzEodBOWSUToM8bgMFiiJfe6 NI6PwBcKcbTDYGtFXiBiNwKnb1z56FioarMPqPu M0MDIUyByGmynOl5QR8bXKCTCZ/.../cjt0aY44&downloadAs=TomsInstaller.exe

http://www.applicationdownloadhosting.com/c?x=jZXuL81wWF5hiQ57Uo//1DgjpZvBjXd7ZOzGFMRzyp0=&c=LpSaWDuX x1rwwtlBrCueIaldZ9phdn1oHqHAU69hYQtFAje4lRNsI/yA42wQxIXvP5/.../l3rLDH6hvJznajj09idz4sBEzHPv2iQ&downloadAs=TomsInstaller.exe

http://www.bitssigncurrent.com/c?x=za94l1j1GHi8IYPpPgEsJFNN1a6iT/.../N8uU4W1isRQUxnVJH&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=2w068Q04k1Kh9Pwuu Q9SQJKiIaTq1ekBlG8GxlQQFg=&c=gENvdFTqG/Q14/.../eXXC2Kqa91uTrJFEHjhaMyeSnf2xfKlKVVtYVz7gk1rJBTjDLUyBe85UOQ0615V2jks&downloadAs=TomsInstaller.exe

http://www.bitssigncurrent.com/.../nliFJytcuaBzIiEkU85JxJHJ3eNnZvZwfA9XSfrmODls JRG2vyevf 39GU DTGNBtYOgs1d1CeJrXir&downloadAs=TomsInstaller.exe&_ga=1.37728544.109292065.1459859609

http://www.bulkstockupdate.com/c?x=XCKoHn88sY6FpSfu5CcIrd2 cliyzxXTpsz7vzi0kdU=&c=O3WpxW24XKxtXfcK0bEdct3wfF/y9G4ESGAy4b5bBLcLgd0ulls1FGY e5HJrZzN mtVFAe5L9dUHiG2dlGmVoxB dkCw/.../APhDrqesJDp&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=VVAKe0Vfe4XFNd/UUjj/.../K0PBYXEKYSrq2DOfj6pn1EPuVJHxHciSePwswzVi4HWvRyNSsQCebPq4I&downloadAs=TomsInstaller.exe

http://www.universebestapps.com/c?x=a7yO9ZlfQ6sEOEabGEx5fgLSDy tFP8MdQcr5WoPvD8=&c=/iY itaicdy7ZnyGBPWTubNLQrR95fKEQeC7HGPEc2Nd6yPhsjgyJbO8V9FZ30moisNZgD37M1ffQYU/.../yQkgkw3vmGBd0lRFKNKmieU8ffNkehad&downloadAs=TomsInstaller.exe

http://www.newgifthead.com/c?x=/fRDjFqrS0CLgP0amGnPsTbhQ72xrfqmUz5MftgYHo4=&c=5kYZ/vMkzWmBf8MIuxBOvB4sIhIPe5arwdqJd/OmmKomDXkPP46eVlxJt/.../mz9ilqN&downloadAs=TomsInstaller.exe

http://www.bundleupdatetown.com/c?x=vXZMZ0RHoQHgqdhkcWtAm4rZb3eroI/ILtiU2/5sEOc=&c=ocYt1XlxuapfpveDciyWNF7pe4MLY0LJWqTM214CH Nhj8Vkr1Q/.../cFKNf lnux0NaOH3c12p1m1bQuSu9swlkkIbyt&downloadAs=TomsInstaller.exe

http://www.bitssigncurrent.com/c?x=gZdJMf6T0VR/.../mHy0bKe83PbflKpK2h8Uwf Df&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/.../0YFsLIbOQpHKpy&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=P9ZE3vCs81f/nGEn Ru57RLY8F MifVSpGmUMefvbdM=&c=MAwdG glcYFSJ/UhxnjykzAmAWB79sGu RxUzpEMEY3fnMlhef2gcMPcZ46wFpC8oP8Aa1DIp1GC3tRl/aOfZCrJT Vq2QyStF3iex4w3nqRcz6wvO4vGw3C8KAnp//A&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=l4IVhVNZ1jiCbO7TnXRIf56BmtWHPJC5zsx4KCzFzL0=&c=RrOCGRpYKfjv5B1XsYW/ Mmjzo8pfNT4zprXReIIbP0dXgva6P6EB9l//XEeMD5aIT4dWpAJl1P3P0YAyTFNGBg 6XdL8h/.../JLQHUVfF&downloadAs=TomsInstaller.exe

http://www.bitssigncurrent.com/c?x=Pa8nnf50NoJ6nf6Wv41Cg4FOyaleYVPlf9LRCuV9xlU=&c=JBAiGeXc9 mnA5gaoxXIFG1bf0/tDA3gK s6w0kUqCltai9JxaKBfuHMZ 51ia0XY2CdipTmH/.../cJ1DW0tAAOmDT5Q8iMMNTsZKCjr7ySScuSTYS2Uj0WdLKRjyRe2H&downloadAs=TomsInstaller.exe

http://www.bitssigncurrent.com/.../h5XO7dMXzO7TDi3al7EG9KW4OUQE59 WA69I=&c=alY2lZlmN p5eOHX7EHz9GfEsUhrluB0uE8pk6D7YItsshstf7qoxwAyOO54K7V5dX7Tkv251ZxsWZQ4AgBEkg6Swg52zC38kM8jc3awRIXBZUWMLYAtdmvflcQpQQ5u&downloadAs=TomsInstaller.exe&_ga=1.103942592.1907068763.1459962847

http://www.bitssigncurrent.com/c?x=lbqZbMdSh1XKMcfTZiCIfCimyXd1qHjqSdbPWRveuqc=&c=bgHYS cCiML9/.../pdHnHgihbhpFz&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=937Hf2rCSP6RksONUZeQz4XhIwyw4 vNJSXEuUvmrvg=&c=OxVnnKwPkayEL 0iXzY6CrUvpCihWfHX2tHAuc7TtPOTAyOebqqAWXUMxgOZ4YjPCbSkWd2IU93VKN4QB37hR70Va8B sj cGNNM/.../884QB8&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=Ehp2GrY1Mu1BTRH4w3j9rnfYhK9BBEyNNGMqzmjjiuc=&c=ZnC2crvX26V0ZRSn2Pyaqv2SFtjKuEErroG48zI74sVXOP2tYV5qAdyTKv2j5 nha5EZ1tPQZ5Bl b8U6oRiwbITv4aMerZ0XNDcUTUYRUdN72g0ECQvAMCAjXPp3fq4&downloadAs=TomsInstaller.exe

http://www.heartconecptsigns.com/c?x=qye4g6CQ/5MQrfvgOKjIjIQURFq13hRnom5Zu9prtFQ=&c=Fm4y9qan7toSqJGdD9FsTFF r RsqdKnTsz 4RvP6 PSyvdw9Ba dvNOerqSA2AklvqjVkqbskGJut1/.../CqpdC6t0vBMF8fa7uUkxOX4HMj&downloadAs=TomsInstaller.exe

http://www.bitssigncurrent.com/c?x=joNfFbVPRL1a2aMTZ0Bqe32XcODTK4cGENOUNN5wDUE=&c=0M7phWvuGni5U3U9jLcE6qb3ftHTt SVPZnjMNCJSrYcaFUQs6JfIS5Gb5d5Bb078pxXBkmOhn85ijcFqTcSPArHN4/.../JTC cmsNl61AYn FI9KgZA&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=kOPdo0cU9ZfO7WqeZIg3mWUKGBZxZy3ukv/.../FhYPYUkBxuqf 78WIwuGY9bWZFn1VsYpwrTmdoyELmPSobWuVy&downloadAs=TomsInstaller.exe

http://www.bundleupdatetown.com/c?x=QSUxn1FEmUNMPC9MacOHO1iWbEJEyhWy8QCaQiSJSJw=&c=txTZ wabt3woUUZRVE9/.../BuXqAlY&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=j/.../nHmF9FIwIFvzNiNKbYCmRREAzHNtYOHLF RMXVMtbj4plOJMw7GN4tszI54kIQgQOml4zf6TWqhNENhv5fxnfjJpMF8LIoBQUNPfpk9T7wW8SC5ueXTh1dCE&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/c?x=RKrraZsRa6lk2xuW YoO1JzJRFAJl1zlGXq9660gvG4=&c=PFax3ieOM1F25IaxLy5F/.../TxO030DFsSWl ijh2cznuehk&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/.../niT5c2RXiyiM6HxL0puUjB3oXWB aocMy6oheg=&c=5svlHgyUChGGcJXPBQDPzphpQT29BoQp18evmZO4hgYw 4HWzyav8PSoCBpvumH3mEpSeUqwmXYaO 9OEPOted6VqtNuF48GNBBSRCpOgRDVnI62hcO36hxHFxeb2ERP&downloadAs=TomsInstaller.exe

http://www.bitssigncurrent.com/c?x=JjizhD9iuPVcNQa8lFm4Hqe2LfBuln9l7qBO9tmtwCQ=&c=6K3/W7 biPDOCUIES6xhGOksblhxnOLBLCwZNgQxfpC2wMZ1gcsCtQn/uj/.../hD9SH3tWPgGzk7&downloadAs=TomsInstaller.exe

http://www.bitssigncurrent.com/.../U7UmPM6ibgoi7LHeqRCO79Vmv7QkV8jjzOYZb1Ld2m9MNkv4qxMkBRQfhfmT0Cc257c4I7SC&downloadAs=TomsInstaller.exe

http://www.bulkstockupdate.com/.../eNem8hhdr404wqTHWs2PYfDd&downloadAs=TomsInstaller.exe

Latest 30 of 95 download URLs

Remove bitlord-installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.