» bitzipper2015setup.exe
Overview
Analysis
File Details
Downloads (88)

bitzipper2015setup.exe

Hiduluh

InstallSpeedy (New Media Holdings Ltd.)

The application bitzipper2015setup.exe, “Hiduluh Setup ” by InstallSpeedy (New Media Holdings) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.chuckletourrepository.com and multiple other hosts.

File name:

Publisher:

Sekafaha (signed by InstallSpeedy (New Media Holdings Ltd.))

Product:

Hiduluh

Description:

Hiduluh Setup

Version:

2.7.5.7

MD5:

31d54d95dd5344b5ad8bc2f7872a30f6

SHA-1:

07fdda7172cbcc1b42769cc26c4d97fa8b66a5f2

SHA-256:

e75e5890567425bb9fb0da5bd3f71f865739c1225b51b68a0c428d06406e78d2

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/15/2024 11:27:46 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.NewMedia.NMH.Bundler (M)

16.6.8.20

File size:

1 MB (1,056,072 bytes)

Product version:

2.7.9

Installer File

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\bitzipper2015setup.exe

Digital Signature

Signed by:

InstallSpeedy (New Media Holdings Ltd.)

Authority:

GlobalSign nv-sa

Valid from:

3/15/2016 9:40:35 AM

Valid to:

7/11/2017 7:28:33 AM

Subject:

CN=InstallSpeedy (New Media Holdings Ltd.), O=InstallSpeedy (New Media Holdings Ltd.), L=Tel Aviv, C=IL

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121F59EA8A6B04CAE5E738F6CB09D295BDB

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:PC6tzjeUdH0pvUkGvpKsQXX61x6y5MyVMqCNDXG:PL1je2kyfx6iMsob

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9185

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file bitzipper2015setup.exe has been seen being distributed by the following 50 URLs.

http://www.chuckletourrepository.com/c?x=ba1QtggS dVCv5pdCs nzJu0cjcAsNCz9DemjuldEn4=&c=6OehWZUNMbYS0c6qZ1OEMo5zl0zyC MIEN6Y1A0VRwJZLFn/McQkI/ZqKh6CsxA745uSawXlDEGaWk/FrhXtUXV2Y5sVH3d3CIahzpkb1CO2cxY0eb/nL6UjNqGzKR9r&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.factorynewlaboratory.com/c?x=rJZTpdB8OVwWU4F2px qHFG0mvDaEA48FmtnP SZfzg=&c=uhW59892nrIlHajJ/ERhGJfyKrh45yyhq8Nt0uieajW6enw TFSMNCXUYvQYQIapmFDoZAwTIcl4euQTZnhqdnlaL1bGIFdPluXAXDL0/w4i3rOq2GbTQqnIUU4ApRp9&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.chucklesignstower.com/c?x=mCxduUqLGsWpY6Jsn0TdwJucEH5TnCDjjYpnJu5UjzU=&c=EJx3cApP1gl0Kll0lMTfpK1hCgVJk5ACTD0bbaPfdE1kRaqMAGZvRMA/MyiVtv7vjTpLhSOjjwtXSdoZAYjAQeiPRBo2KVBW0nWg004hPaagB7/Ob3qv9u/F3JCMm8Ve&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.downloadscenterguard.com/c?x=LKAyazCqAMX40w3yFMqY5nhom284hOvW2nIZkd/n 9c=&c=qbPGxBMIBW0iw5j3CQtmXZYRJBWPXO9KDYg6Pet54uyxPkDYWHEY0KlOmdl5bDLS3rV9BWJImP5bsQRXYUO71IpJ7 nfotntdxtQpDrJXmEaGptADozmFNLGZfafabdw&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.toursigntours.com/c?x=Ho7eVi0mqwz162uqKXWXWey37s730MKHvhzSfkCLQCk=&c=9IvOGz1lojLYTUosY9pTahSjuIYhjPqBbXmJ7MCjdpnIrtfnO0A6Jaswem9U0lrmH9U24/NoDtWUkfxTDCSaMOuaGvjBFtk7NK7alVJFdaHkXd4hz99cxEOziYpD9wtk&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.universesafelaboratory.com/c?x=UN 1lnQsyY0Lnuozt0b7qmkDa435KeMM9GU I8Ta27c=&c=FM3c7oYy08QzTQYLKVkXTZxs2Pj9zW6okWed84saQUtpMrRQie1gqbimFouiRKdFhywuRXGBOj13WkWMI5Gwc62n8Ga9KRPHiEdCEe3FkRGTGUkxFpMtuUQb/xdXplEV&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.bodyvaultclean.com/c?x=XrJPDiYUywpwEfcHOuCTUVo4SCL1J4 YOwN57JIy66A=&c=abR8eO0aavuXHUt/T2Toev3qzZIT94waQ Estyj/Ri2O0Xpi6L0V4VKxeitvGzG1koG6avauyDCDAh1 MKEHhFLLigJ/OP JMfLkhtnZAK02YEfcW/729emJ1fuixAiA&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.citysoftwareapplication.com/c?x=KTDSCybM19rTudZns7F/fu7li8K/4yP6yQ6l78GXayo=&c= EIElCbk1K2IuzhwB7fWg/1lDllgOk8UgEXzTehvi6F3vVuPFB55dr7wlZjWjiHlfwf8 y7HCSq4JI54A2uY0ah/zdGHP3G3PPnJgpRVNqwqD98Blntk1qCOLDC TrTT&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.megacapitallaboratory.com/c?x=VVo Lt/jN8EjiOIgqc1bAqMfCh3ieNmQk8d Uznt8CA=&c=bxvehUa2qvH46zZc509acc KkryliwbAb/nbUfbRri9c0/9wLGR/KD21TdCCiohF6A6PobhTWTBBvibsFWW8HAbGSCF53nWhahwt mcoP6ehg9/3GZMZLXnJeIRGpGsf&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.vaultsappranch.com/c?x=UN5ORUj8IHymebA6hdv67hz/FmPbhOeMT0NMC98IWQ0=&c=EDMrp brwMD X8eJbNYnDHqXmBgBRXEhgLoZ8nUsDBJ8qmteBiwOKXMHP18NFVRBKbD4co2rUiehvITsJZtiT/20EOJ0OMlnaE6p2S4yUp Vt5awKxiGFOx6SaTovj B&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.bestcycleupdate.com/c?x=HuvrEchb3XmrstSCt/kdsx0uf5xU2FwMRqdqdqJ14rQ=&c=UvA8AEtmjdOM9 jgD4VY4SfdDP2WD06E9O3c7LGuVqOBZ7qt6KZQ GgBc4bHdSrUfRJDhkOgtsvXP2mX4CA23R7PuMnU3WZJr1WZ1HkSfKutm585JCmEiNc9t57MlqD6&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.filesranchapplications.com/c?x=tmBj17FEa4SeVs4Kxg16lVzpMck3GP07rBe00sH4H2I=&c=Um4OEda408pTX2QJ3vieCPAX7lbj42N2a1bwgWxKgKJHcEOWWFppsO1c20ui5MDuFpumoL5EkVx6KJzoAdoKVz6OAF3XAvEAtbVUc/7MU/iX3aatw1ZeoFaRF71A SBA&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.cityconecpttown.com/c?x=4gHIUnTsog49TrufGm0JSIitl8ocknz2j01occBfP2M=&c=lGm9EKzNjvK6pD9S3ndb78G9FIHxMlgZu /lGshswhAJ4n0p8jWYEIIZM7rrmtDAzrzQkntfH5wGIqCRHXFlRsrL 9XqhMhM9fdHoiPmZ0Gfe8B6vux11ueuagDigRE8&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.appscontentsoftware.com/c?x=FlORyXQQue5oV8hfKZ6/TbcRFKT24atWn/XdL52nrFw=&c=DYlsM/xrQ 3atKQit0SE1rnAnJg3I8Vq9sUYGrfXr2nu/dCxQEXVTJTsHPlz NJRsi95biwVRyUhFee5wfz8mfbPHOzLtXbhjTeqNzZQJhEo/bYvD9vSt2dctLDDFPjj&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.stockupdatebyte.com/c?x=zx2kzzNkH5HVynsftaquLWzSWOSlCbjiZaEFbBNjUrQ=&c=Y8sB6hhiqRjBmVM5gNSEMbpQdE4MtHq7JKkz tGOL7MCcs3zVAPN6PPjqZYrBCEbPku fp Q GZz2e5DJsDQF4dEQo00yJsC3LLiNnn4CkZy0jLp1vBy3mZlGHDkdnQW&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.conceptssignheart.com/c?x=4D mUBtdcm/FpppvURYhQDnWkamjygto81swlrjult4=&c=UbUIvLvsRpyA6PGgrbs6v Y7i0CKGJVhldXJCbse3bgGM LRvPXypddwx2gkIYvbLRGEdT57NFFszxMYGPU1sgdhOYN XwBhrXftsRDAbnGElVl4m7fVTZEEFyEOhEMZ&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.filesranchapplications.com/c?x=Z 7lZkdKloOg7J1yF4gMb3QcV5RGL0eklM7y1Jm3pdI=&c=e9ryaoGs 3w5i2jQKxM0f1gA2XkVIdgwNR7dT7InEmLaXcpM/yFFiD6wDA Ct00tas4j1PgZ CVL2qaJC8dj o1M1sYA7RomDEXVYG35Qq0Pukexz2JxnU/BJA03Zrm&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.downloadscenterguard.com/c?x=gAlkOkwUjmvsCzNC8qrOTv7f35XajKoCzJGDyn/vKvk=&c=NIqHZjSKChhUE/fP7qeQB2kkHHaAG7LsLDY5PsbqjQyCTj0bxV/I1tMV9S/mNfDbYQGYVQ/eHk52EBEk797g5GQOh4QLaYl1ooy njwTXWYoKtLmiyNYKW2G3pbp/9yi&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.bulkmetaapplication.com/c?x=hIDRN6ZRVGXch/F97zeJGDSdPqKcCYRVMnzjlQL8FRo=&c=VjdP8hLdVFnTNAp22eNgOdBh/Nces54vvpVkFBKNJ5mYKIV03RZpqWEOWioVJugoaHEbRD0xcD OhBUcxGHQrHhQcmra6nUOACgQ8cJlak1br8d/9cxaDZaJRRzPR C4&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.currentbinariesuniverse.com/c?x=Fevoo9ZpUUjyV/2xxtIepNUoJ Wep5HtNw1tcpEq WM=&c=st12cLz9WAExXwfIGkJ7NJ6cKfzx7VWIzgDuwOY1oyIrbsSrXoz8nH/LwobQ3VVPNXEfWpWGatwmYPIB6/dFdJg0l4G2CMQmOC/1S vPaf9X79fhjIbmp1A L1dl1K8A&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.clearguardcity.com/c?x=bOiuZ3h2fSdcvaiggL1rKqu0krHb TPGVEHMBwOvH8k=&c=FoY6PgQbv9KnmrcnmDvvOTdWC2Tqu8no55zUd2etDMdr/NZY66sbwgaNwNxuBRH4pFev6T75vkCQlYHhC0XIAUYg1i9zwAjSEY2V9DwfuMOTRXV5XHgzxyDj2SMIZzEF&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.cityfarmtours.com/c?x=ZKrGhej/7wnPoS39a3WGKlnDsvbYrmmWmZ3nmKLfPzA=&c=IPQQHIwxMQwdFuwlzmehrl3MtP7GwJi9xw7VOgixbsgXnYZGK7mFcMwdBxEAlER0LElFZx50HNyYvkXULCfptxvKfU6re0KvKaRzbkLIB3D22Zw5BX76Gox6jeDrZz7T&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.appscontentsoftware.com/c?x=G0oM80G5kfzDG2rObdgxDzRCc5c91Xg8L1ZAVRYpgfY=&c=E8n2x8ituCO5HJduH4/3UKaaRHG 4OfPtkrFjc8aHNjklrY32LD26HeC2sdeRGKFTNX9GBNKp9U5ZEf8 BnCV1GFAWIJHgEmPUHeHK2vrfO5plxozXC7j14iydy8oTWo&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.conceptsbitssafe.com/c?x=iwKomHGQ405mSisR726279SGj2b6GXO3yaWpfaD1jxI=&c=xAsuFNOXG7SoKi4oEvxooy8GRteJFppwE0QDvHyaorx zBobias2K8SocKELgfEPdIZfPASrYmNd9P7rBwd bX2/jsJyOFowB1DT7n6A7/PpDz/dXtP/Wws5MpxxWg5F&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.megacapitallaboratory.com/c?x=wApjAQDxalkxUiMrjrtTHA6AM47POpfR0vykLJG8LQw=&c=7dXjdFE6ZoVDkJQ8JBf/dJ7j5kCbSlZI8dQNiFE51IVNSk6WxLDNG3ECyvmBeVzfSaAQfhdW5z5R6M3LXI9eOCR3NkflXUZ1HStNb70JDE0uTLtceScNvI8KGDRpqRha&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.sharepresentcentral.com/c?x=feiNMRXFsrBwhbwAXPwYfmmDSoiO326MXGtdwRyMsC8=&c=MGz JFnBs9esRNYZAXQFZOeSy6tueKXTJ8zCBJrRFIh6aSqXHR2K/eqRZYuYiqRC8 VJrlHDP49mFKd5IseDZCTf5IDEDDk1CDjshhIhyb3QIkdf9WxqlTTXFDRYFLvG&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.conceptsbitssafe.com/c?x=e9kKY7C9gG/5MSTjEKutCYMfyhx2GkXpaCaQwo9u4Yo=&c=c2zgyqWv1jfMaBQhmuUWI6qKCwsYmKGF5fVO4jNePGqthyGJiL2W8GgJwKylWXFHCHPDHQu4JdoNOdEU1/OWtwv7x0DxIMG6n5LDZoSIo8sHRGbM4lTl00iEr3rzOlIm&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.packagevaultslaboratory.com/c?x=eRuHmOcaFEpCP3kqNSROgM3wav0DPYnXx8BpibsqXgg=&c=U9ebaG0cgtmJBHH0/pBOjLnqdPgC62IRbTUbOoHn 6y11crJb4EPRWo/ MsCteFZaCrJ7WAn9WjZhqXiRbZQMDr tCNyzEmERXcJaK0rh6LSedQMFFzmBK9cmDrQBgLP&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.chucklesignstower.com/c?x=Ff6KliDzMoiXKgyiJou9FS F2H02mT/MdUcC5md5dy8=&c=V1xjuKbWQ/aHZE8KoOVVyshuWdfmpsB6rXDFSNFc34SGzF3AubrkCKft1ie2J1kguxIz 95d63Zujym1OlU oBa/Ni2X8d47RIIAZan m/LHD6udvFpu6HdMwtqpljqG&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

http://www.sharepresentcentral.com/c?x=qAOxlW2O7giq/cZ/BeeKrIaIfD5I/0YPVZuTNFjVsEU=&c=Sq9q/dM7ZjHEtpCwmQVjYyQRUm7krVwvUOpAfeTxDLwTiuXcY9IKDocaSczKfAc3E7gWD57XjNq0AEHy8 9YYloXGrS0SW5pDLJlLyoQlJjrsN3E38c wIunZQSmEaAX&downloadAs=BitZipper2015Setup.exe&fallback_url=http://www.bitzipper.com/.../newest.exe

Latest 30 of 88 download URLs

Remove bitzipper2015setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.