» finaltorrentsetup.exe
Overview
Analysis
File Details
Downloads (38)

finaltorrentsetup.exe

Hiduluh

InstallSpeedy (New Media Holdings Ltd.)

The application finaltorrentsetup.exe, “Hiduluh Setup ” by InstallSpeedy (New Media Holdings) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.headcycleranch.com and multiple other hosts.

File name:

Publisher:

Sekafaha (signed by InstallSpeedy (New Media Holdings Ltd.))

Product:

Hiduluh

Description:

Hiduluh Setup

Version:

2.7.5.7

MD5:

6b1ad7d9aa140ad2cc3aaf01ed033d52

SHA-1:

44a51bc2e2699a5020b5667a24b2bf8756d0c8a7

SHA-256:

2e8037f0c119fdf59cc5e4108b9396a85e2e0eb5993b522475770cedc143039b

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/15/2024 3:24:04 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.NewMedia.NMH.Bundler (M)

16.6.8.19

File size:

1 MB (1,056,072 bytes)

Product version:

2.7.9

Installer File

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Language:

Language Neutral

Digital Signature

Signed by:

InstallSpeedy (New Media Holdings Ltd.)

Authority:

GlobalSign nv-sa

Valid from:

3/15/2016 10:10:35 PM

Valid to:

7/11/2017 7:58:33 PM

Subject:

CN=InstallSpeedy (New Media Holdings Ltd.), O=InstallSpeedy (New Media Holdings Ltd.), L=Tel Aviv, C=IL

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121F59EA8A6B04CAE5E738F6CB09D295BDB

File PE Metadata

Compilation timestamp:

6/20/1992 3:52:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:zC6tzjeUdH0pvUkGvpKsQXX61x6y5MyVMqCNDXG:zL1je2kyfx6iMsob

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9185

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file finaltorrentsetup.exe has been seen being distributed by the following 38 URLs.

http://www.headcycleranch.com/c?x=yBxvHVdhCveETRhu2LvfEGyMEn2HTioX1x1N quko98=&c=hH xp2LEmz0iypf oeOhMUo1G6 6Zgu3xR9eGTFABL9Kw7/I3QHNjENghx0TWrfteMS2DUCe8vaZmNXp7lCNSpIPkc yFHogDLtf 7SIO8PBrfHjfVTKM9z 8XOS 1s&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.conecpttowersbundle.com/c?x=MarTLOq3Frh7NYhBG1ve5lJMV0Su3yB28N6xqxRssVU=&c=VdIzWOGs1ErRMpdf/XF4wcUavIqkROKZFyNKSbTE0rwGBW0kemRmHyOu0NGsr5JwWG6x F5Q8WNAFHykHRn8DfYeyaYDIy09p4GTbiScTuGYQ8W2keXnaPqrktxrBYEF&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.funfilesbits.com/c?x=OF1xvR6VEOoDztkEv4cEgMFxipXyb4j/x5uIAKEj8Sk=&c=ig2Fkui5BKZn9hNPL6OhasNddpLHqnwXXrwp4DLJ4ejMOpDRYvaFbUo8332BnygatOyrxXERX4XSqBp1CwUq1sX1lYyUOTPLc0yrrDlBznDF8mO4M4U1l43zX6o9AF1g&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.metasignflash.com/c?x=efJ8cEr4fqkMDV8P3NtdOd9dLS7OY0Aa zyDObQ3xVo=&c=xWBxsrCc6NYnlXpT1lghLxgROaWGohfxK7VgmTgNF06LAdb4ajwDzcAxfYBlBWxCg8EKJv h6hoyQ2jv862CdTE4wlr82qWZKPXN5klobTtQdPydG8pV5XnId8loZrDN&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.toursigntours.com/c?x=Icnr4G8CoD molwafcYmt7qRhy1sqquw4FSSylMshoM=&c=EjZq72B5PQI4N8MbIpvSVZmU9FxuiHNx4w0fTfjeF64ehJjtA3Iy Ah5e3YjUwxuVTED61P0f71ms5TmxIQpZXusgF9zBWvNmQV1IrSfXFNla6SlNdd75B2olLwJk9 w&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.factorynewlaboratory.com/c?x=1AOjoM5N16T0IS8I2TlwTvuPCnK3QwFXugXtGCNKsx0=&c=061lukxnZAzaOH4KX1FHY0ixD5fK6Szx8vpMr9O60boVBKkj7v4RXMbCQwSib8WEtAZZpxCtRk/TiQQnL kdKAbYcWRt/WtqX1LQorfEZ9rXLNsf3688H4qehEUF6H9p&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.funfilesbits.com/c?x=Ur1Iu8BoRE5z8wmEwPD/6n4SbqcE/zEhoZk54Z7wpHA=&c=wVYZX0//gN/dzokvb EHuPZdiRm0tPH6F0RSoVXqgJl2Nw5zdU66p8TscDGIdPCaVui8G0 NjkH0vpDNZ435HBmzE5nHTDWw1XQeH9N98jUj4S887zHvfjrD1b8w5pgx&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.vaultconceptsbinaries.com/c?x=JPGJ3R0nKZ5gHet2FGDNK25IghZuooLiZHGAz5OS0ws=&c=pt4MU9lpFdWWy1 Pw gIRKsJyZUdV0pdbHtOo77baa4FoLO9UEKV8cuWSx4o5Ub7Osxz3hS7OJLYdVElUE8Pl4MupzZD/4JOxJbDyYmeRnKcuQYfR5bE5KTH/exE0Yp0&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.cycletowerchuckle.com/c?x=4vgjcGGcDqr4QtX4VXyBkYyprWl9B8hNCkUKftPi8Qg=&c=2S4RPnh1eWMDRdf/CIi8EpA8yqaQVzZY13lXs3u392jTy7PCoA3NzBpLsAgMse8akmxGsDEqU3vYfnpXAknnzmygkX8nZ0T TPgY828aUb9d iYIgLUxZchSPFIfMFMO&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.currentbinariesuniverse.com/c?x=EeEEsuKEpBgwJJVppa031XVp1WKdXy9VxOCBQDY8yaU=&c=6fe30GEWQr4YSJZ1K qzjVXCr8AARBAHfVD2cyXy4jW7m6DDl98fkLqXw6iX6oex5/UPUpPyjoESicy7wFr/k5mKqe3aLlbEWNLBNSpHwNo2f5HHaz4TDddjW5V7qwQB&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.cycletowerchuckle.com/c?x=6THVStLIK1yvm EkEGzWBNhhTvbzJ2za6ZK64jL6CPU=&c=GgzfYL8pLY9wqE5eEtiqfTT9vqYUEws24zKx6uJDBHxf2MmPvMiuajM rJTP1nuDb1nSnvV1u aFeypl6MnnCtbsZNfI5F1oUiwpaZTwKwe6sYWq38emzPpzuYZW 811&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.tourbitscapital.com/c?x=j1uVumPlNT/C9/maHMOQMB0p8NZpfbO9zTfKl5rh/jY=&c=n0A7ciKapnJrj9oWSRRwXCcyeC97r2oLSra4goBxczR8zSQ5a6zcytXeW In2aBrl/j3o 3Vgyc7d1MuMP7W1VPdJrcNQmiEQ p/OBtrHCajH8ENz3Wiqp9BN/QnVLa&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.applicationmegadl.com/c?x=O1F5Qw03FZUDTxvMUzaiRPM0p/x6aJkZa7HlZAWGN3U=&c=ALU/OMbRC83zUsOIOacXGYwTG9hFX2b6L ciCVLGUkbq1DHftBgdAxrRpReRyyEj3qTqb8rWhuUYPB7dnv3IjKq7tY RL5Xi9kKeLrBkGyMR0qtiMUrduTbw8npl WFn&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.citysoftwareapplication.com/c?x= OjeT2YPmxzMS9DkMm5brq/61OUbEcPbc9HM18FhyQM=&c=qxDCs95pIDeZdj1D11JjUuvbikRg0TB6D4ILyY5K/1iPC2bMTschxSWyo3GBgkTQOpmJT1gilhzlJzXqg4SCKBeRvALQ7SzZ/rASYs4rJ4ujOgFDBEAZkf9/YFyzdHEW&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.sharepresentcentral.com/c?x=c9hz7 hvj7FIl/G5Oka0fEtIsnLHr6ID 2xhaJ1cPO0=&c=klrLiT80SdV03DtddNfU78AeybvH0lT11bEUqFXYaDLBzmTHwO2NEzU34INqHsUR4tSTChfw5vzRyG5AzwfQV2uZ9bK8fvn5a4hAvH1eelJ8yLF35peGd2C9h4FaO6tG&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.toursigntours.com/c?x=GWHkhVT WOVf/uASWV4mRuzMoDLFNdOYL14Bjc2Sw2U=&c=AftKgZY17O4o6P7Jw9ywaAQTWOswFVung0yLIr/0tUBchBMv/ql6RZJWaGK9YLnX7qei82d3jR/G39wFBGO/IT29Yo21jS/5mFJfuZlzno0enJz/R0uXcGohRVLiUfr5&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.toursigntours.com/c?x=mCI1UOcWWdGjAK2ZTPKsBBnF bq2fX8TzV8UgcK4F7I=&c=sLjFIDtRBTx5b5lh2Oed QRNJXl/CT047MsE7nNqBu3m/mzx Zga7sf7ZEqzYwCENyObTKEcFWBgGTiLMnXRlf1Lr0ZO8fucN2hZHXm0v EJg77p4VvhTrdfIBKP/3z&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.packagevaultslaboratory.com/c?x=PpYDXPSLrpRv KbUFFRBxCsSvpY7rPeDfwQ07FqaLmI=&c=yJ8ZwGzA 5lFqvMZARsW1ah3 q712 HFAIzKUbaPNb6K3r9HcS1T4fbZhJdOtzlxf13DE9AlqIA7Zhj LwgaeLsR 8mfXkLtw6cDUKFgFqLZ0FfsDX9fifBaVaOgEEKh&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.applicationmegadl.com/c?x=1HOAQDSgkEdV42etMZ2zZ9Ls2gG1Y/iN6eLUO/QQNFY=&c=kOI6zn2mnSTQDYG27XgJrkYp9Qt546PwWqTa9IMAnCgkuviRdOqvKBZCXl 5Z7zi4Vv0 oEn1LzRUC/aRYOypUvfWxwm4NMeP8p0p8zQ4GfZJWbExACAbTuRKcM9AEj8&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.clearguardcity.com/c?x=zkLzHdgxugptjrAWr/6STi6Mx2dr52PDhtC3AfTJMWg=&c=ykrfhWG0AUqBlOa3vdsYzL3BH2aLPUVy0Nd3U7Nzdy8erKbXwzXE77oq5WlsYr0WceR4Uu1jaH3xF3vs5gAvm8N8NDb8bjlJrjtqnzC9IUU Sf/cyfultNzayh/iP8q5&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.applicationsfactoryfiles.com/c?x=qiGoKkIv8bAaazZ5gt38B9VYaTm7SQ67aPgrlvYzu3U=&c=5I K6al9XiTpu LODRChSM2MsdxtGglMUie9R7jNuNmnBUo9THC/WJh/Sn3LxymAs7awCbHZNMpsU96ZoHaTiYn/lGXfuajCJoRLBDqq474W1rZVns9FDXdIMDa1KeLO&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.deliverystocksend.com/c?x=LKgsy5CKj2yvRNZ4nclK0mwmt5fWu88EYSDFSadu8tA=&c=8ADROsPHRpz90x74TG7kBP/1O9nwSuqL9LnQKOoiKbQpYZCEn05VFH1ycr64XV5hNCXylI9/L2s6Ft4TmTYCQWXpAYznBpyn V0DMyr/ U4lCVfg3h2MQLbZMrChvwz/&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.megacapitallaboratory.com/c?x=bOwp1Qk49j2xcCQlrDcPRzKX4rXzEGwKq7mbix9pftA=&c=ueoKODDYCOgwoMRgc1rWCleEZOnaHYDN/S 1dEMVJvSUqjf2BWjiI4RM6Ye0bSPQOEDsGu2uBARPhDpAGZU1e3HtaltURA7ZwNmVIxKcq9g76m5/AdW3or4WMM PKUH &downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.applicationsfactoryfiles.com/c?x=spZ0upLzUENwq43AqyeI6a9nh goKUgO7LGx7lKuirM=&c=Z5UbyaNaGTAO19lS/9pCkXkRdjRCEINtcDfUPzUI18M/pdGFuAN8Wd3yHCNMhbmL27RWnfdAnsrpGIJyhj4rCqetiYT9URcCzU7tGPdZT95LV5EDeNIwuXHeles9Chuq&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.megacapitallaboratory.com/c?x=kRibu4dG6TKmYecztCx2PpADEyQ/kKbUXpYmbxbz6z8=&c=NpUi0WP8cfAz3PuODrsayCntNKqw gAB5iktY5bYzGk3vS8O1OyE0ekN/fSNe Nm/u/V5eCQ1Xy9o7fP76BurqnA281dQJBrbZrPsyDz74kYHhINy3LU2tUm49zQnJM5&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.contentcyclesafe.com/c?x=XbyWC9E27w1QU0pnF9wH3mW81T6aB46xIxGGUX7EFrg=&c=XeG7qX9XHnnDHzA94PGx6WtZ7JwNO3Cgb3u8FShnpHAbcFfTIbXqRF4Td5qWS1rOjzpE3I22roXStpAUEp5SIgGzWtId0iwwCd OsFAlf0/9niYlnxU8EGV GqMB6rDW&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.bodyvaultsbinaries.com/c?x=QyBGi39yHUlcPqcYW9m/IbD/5ZDjXw7xuswOiDaSN5o=&c=uFgHObwyz9r6LzHpRgV5fS5g9hY8K6HhN xPqzzH7Mn71y4YJ2bS0SavBzpQUwWuFxWjN0uE7nryRAUvhKSynEB0bG6MFIoVOf0GRmSXYm/F4MBM93XlI7iy8iHwQY0L&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.applicationmegadl.com/c?x=8FYu0Q0N 3YCtq7AJm1la3k/SuZuGVJ2qOHlSc7HIjo=&c=HjSjbsRFdQ6RyVp7rgz RwVbFYBWVoxOEBtUS9rvdnkC8gC03RFzEgG8A0Wh7pAUSLpQmFyJuSxPhWKsCiYlY9DDUaIsUCc9dXeF5Kx/zabnYDGZw5CiJc5UqpdrpdHW&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.applicationsfactoryfiles.com/c?x=AYUOKwx1k7hgtwaPdEM G8gn0XeVqG4ybQDi4HawdoA=&c=A1ZlISyrUycwjkSZa4Z3jX8oExsBfzucVKNq4BkpKg4nqmyYshOlz2RgZpy v8PULp0Vg4RIdEkVZE9tjusrcPJtJrjjl2b7RcaZ2YYHpxfJHvMphywObfYoPIEYm9pX&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

http://www.headcycleranch.com/c?x=ed62L3RIPccKmTE9TJX/ofYysnF12oRNqX82jSCJusw=&c=flD8B1nB9r9vZiksoDyt3 xowq /fMg8zFuzm7pNqb zwUbnNKljFqyN2Zw9 ZmnQSXdAnIPxVYe1yeIrAqQzmoJrpc7MB/6Yzjrv1T8UDSwqp1rOCLxjqPIit3nYGyw&downloadAs=FinalTorrentSetup.exe&fallback_url=http://www.finaltorrent.com/.../newest.exe

Latest 30 of 38 download URLs

Remove finaltorrentsetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.