» freefileviewersetup.exe
Overview
Analysis
File Details
Downloads (191)

freefileviewersetup.exe

Hiduluh

InstallSpeedy (New Media Holdings Ltd.)

The application freefileviewersetup.exe, “Hiduluh Setup ” by InstallSpeedy (New Media Holdings) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.safesignbundle.com and multiple other hosts.

File name:

Publisher:

Sekafaha (signed by InstallSpeedy (New Media Holdings Ltd.))

Product:

Hiduluh

Description:

Hiduluh Setup

Version:

2.7.5.7

MD5:

ace55858d5ad3cbca2746ae9d19600de

SHA-1:

173f2a533e55ae737f5bb24ebb5d1f78a01bfa21

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

11/15/2024 11:22:21 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.NewMedia.NMH.Bundler (M)

16.6.9.1

File size:

1 MB (1,056,072 bytes)

Product version:

2.7.9

Installer File

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Language:

Language Neutral

Common path:

C:\Documents and Settings\{user}\My documents\downloads\programs\freefileviewersetup.exe

Digital Signature

Signed by:

InstallSpeedy (New Media Holdings Ltd.)

Authority:

GlobalSign nv-sa

Valid from:

3/15/2016 9:40:35 AM

Valid to:

7/11/2017 7:28:33 AM

Subject:

CN=InstallSpeedy (New Media Holdings Ltd.), O=InstallSpeedy (New Media Holdings Ltd.), L=Tel Aviv, C=IL

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121F59EA8A6B04CAE5E738F6CB09D295BDB

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:gC6tzjeUdH0pvUkGvpKsQXX61x6y5MyVMqCNDXG:gL1je2kyfx6iMsob

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9185

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file freefileviewersetup.exe has been seen being distributed by the following 50 URLs.

http://www.safesignbundle.com/c?x=FisLjHM2mBjaeIYnDoC09a61IKOilbJXOKvAK53XbCo=&c=TvoWsbvDxt2GJQolLTxEX6jJX8bz027cvntVoq rqii86HnuiRXt3UBZbvnTnDUk4 tRwTBmDzC35TMZrippVE/mo4KcNlxQY/K51DxcTp3wALze v09M5DXHPAAgiTw&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.cityfarmtours.com/WVl6OTRQV0l6UmxaWFpEUldjRlp0ZW5wMlVIZEZXRGhqZFdselZWbDVZbkJFY3lVeVFsUmhNMU5UU3lVeVFsRnRURk52SlRORUptTTlZMXBqY1ZRd1VXbEROV3hwTVhoeFIydG1VVFpCWVZCUE9IRnpaVFl6YVZCNVFqSnBOVGM0Y1ZSeVIyNVNTbUZxWVcxaVVYUTBTM05ETlRaelJXSnlURFJSWWpreWVubHBWSFZpU0dNelNsWlhjVUowU0ZGclRIRXdOV2t6V1ZGSVIwaFZaelpETUhsdGJpVXlSbEprVkZJMFMwSktSVTlZYzJORVZERkxhR0kwUnlaa2IzZHViRzloWkVGelBVWnlaV1ZHYVd4bFZtbGxkMlZ5VTJWMGRYQXVaWGhsSm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3SlROQkpUSkdKVEpHZDNkM0xtWnlaV1ZtYVd4bGRtbGxkMlZ5TG1OdmJTVXlSbVJ2ZDI1c2IyRmtjeVV5Um01bGQyVnpkQzVsZUdVPQ==

http://www.bodyvaultsbinaries.com/c?x=R61gjp/LeZ1mcqouF5tltvHqyzYpf3Ncc26R2wHgMFI=&c=MYojVqq9YDGS7U GxLqu/NcMRC/TdiOVbks0SNUJg5lCdRZE1lJ4OPBKKI/zvV68SuOlXmjyNutE0b8zk4is0DaPQ/peb6Bo0MN1megixtnT bfTLK8TY UXMXxTbk1o&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.safesignbundle.com/c?x=IiSEfNL2xdczOnqROGkYEgFJQkQEIt6v2amj2sOexb0=&c=UPlycWKUKJlRI XStSSg2c2eOhDLvu/NVF4enC94cRtAxmU0bj6qRj5FFeSqN2y GmibpZ cBecDUu8MQUg/0KWlwQWm6LVk3yE5E0j/BXKezV71bGM5bXPsUC1M7RFY&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.chuckletourrepository.com/c?x=v5Xdt90X2cp1hN4HqtEfURUXTKBEg L0x89YGKxmCwk=&c=k6SLqk9VWAZsNE3254qBAd4lG8J1dwoCf/DOsaqLYItg6J0ssaW0zE6Sxd8QtteaXML4vDmTIUb/i0uQRIbLlGJORJ3dVMIkh0G1KhO1boSkfpQziduqrF4S ZF2H0ed&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.headcycleranch.com/c?x=X3bLgSLTk49U0g2L4P3Y7rlcuATcUzeQ29YyMYiNVnI=&c=WjgfjBggmyp2dAmQ0Sr6FITbhFbGooxoZv5rXLe76mdmF1nmhVquEv7w3b/iSxtAK03Yx1iVo0IBxiqLQ0lgYUZvYF2hndcfeU4V0jAqXqkcPRfDG5jH5le45CBfdWnr&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.stockupdatebyte.com/c?x=5xi3tHCqBC vUyvSNX4PIU7d3Ew3R0q/PD4eIYthUcM=&c=/WIEXjKEhojilIh0bOUZoFTag8hneI/t8 uW4kl/C7ipXQz5zMOlmvYO9PT1ZU21rTzdM/Uoe1svTlDBYFbW88JURXyMgBp6cxYP3i81ODV13Bc95YCN5G5mFOehphM8&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.metasignflash.com/c?x=XRqCGUcgjMAx1B1neY2fXtux94swsA5WaR5Cvy6SeDI=&c=tqvRwwn2YMdlnqGr5XW7azBGLz33dCyKNFmVkHS6x71jDYT1lcK cszAtMUuVU3sdFSvGNWu489Tn6bo9Dm2kINkbykJrUsiFMdsueUfw0ovfD jVc1z5qO6WpkIbcbP&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.citysoftwareapplication.com/c?x=9tcdOttu 4qzUQtJL5Glp3mS 9lxBNWpKire3Q6avj4=&c=igskYpqQFhsNL6ZmHsYerPb1eBDpvWn2lGuTbDcy2ebfKdVfLTi41uqqPldm7AcBrMQeaWRRwUzFZblBOGei0o4u8cbgfTlqHu91zUP0piiRuFeYCp17brlk6wIujEz8&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.megacapitallaboratory.com/c?x=Tyb9 XKc45ba087KpOvANzJduWB6VqIfRVrdpkILbTY=&c=qIKbpcPUrl1o9RdPPPdfLtze02d7 i3F8DoWLl m6KGN5xBbs9tEw77NzRPhoWHTkt7OAA8b52iHcLWV9tZ1y8mFzzavdwTGVOqi0XCYTKjoBih35Am4dqjcgeyINLTT&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.vaulttowerssign.com/c?x=WgX3wVVIN4ouY0JTlgC/ 1ahX8DLXKnQ7Ohg LRIcAA=&c=05Q4uTXbX7LHcUuRQizw5s4tU3QT1R8mcI4Bkp62T0kToSSt5YdBHzPA4fu8EV8RoaLplH5aj514RYODp/FDllp0gvtMiZYFX8Sxr9mu0PNMDmbDB8gxY0gSCoFBX6y0&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.ranchcenterbyte.com/c?x=Si/qibPH1Y nnDhxHoINo2Hsml0OHqqvisyRVpbwM/k=&c=5Pr9GQIq16QwcU8Zx8Nv3chWHdDOfbaT 9f7JLUm0U2iUfhyfMDi9OhjS5nm9zj1ZeD6CYetZ/Gy2M32WYwjAKFALknytO67o7 OPeSS5assA286JRy6HYbJ74 0fyY8&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.vaultssigncurrent.com/c?x=8nOrRtzD92o2FBn27Dm//tVEJzhyNQiNzwBLTmUz8ng=&c=dTR88z x trfExeugMUBWh4I0Fg0QLcYR3Flem3/cGGc7JxkCBe0lR67IdqU1c3UoGpBjn0hTMb9Yvh90cXOOUTAlNzgQDRCGFhi7pnMNyZrq5eQXLoffDBDSEQJ3tiz&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.bodyvaultclean.com/c?x=LANW/LggzaOhBTboo7YJdZmVlHldZLhcqU7fYBiwf1c=&c=23/Yf6CqeRFGC4BqdOaid1j5mUhcqGIdVJYCEQRyyLTpwMLVd GUXex1Cs25gqAWSreI1z/CnwjiCA9Ym50ZrFnSfuxt/ggmKb/X9Gd/yZfWOBxhxK6QwdHkYNHm6d5n&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.vaultgrabchuckle.com/c?x=GRpnPXqiellPIqs0Uc3plUDBMVLQ2PiHBxZFoqsQ0eo=&c=3BaFcdESztS1Z1sWlcELn0dWZy4RS08d7FBOLBQi aqaudK5sgbQMbdjokA0rRu7wKvKSpgMnj9SExGfLAK t/wDknzULH4TuVnS 53kbnsVXn8 IBf3kBKu9DOnkIwC&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.universechucklecycle.com/c?x=zSo1EG5E6xvNFlQS3wLtqY0hjoeuctq nl8VZnGpE8E=&c=83KKgbrLNhUqlQyPBio076t2djgOdUu5ZpHq56q9GFR /44Zs7zpW4XaQOgMpJJffyDk/dWUzMuxXG54DCtz9PKS25QVmYiw9Wua YtPyWrR36XmFR6fPkkIkyYNXFZB&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.vaultsappranch.com/c?x=fn8kpEBeXxKhGHsiG1K2hhdkyfxJutxEsF7y0bWF2XI=&c=zlwAAGdbDPsU1nCUM/lQ5 S5lGAbZ1/tG0OpE/6izRSTAHsbZbbPGAmxs3ifYmpshAoPuTCEI6NYugSkKS v1IZy5 eIjQnylJpgE2KSV BI80XrDwt4mEC1hCozhvI5&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.towercapitalgrab.com/c?x=iuZW60v9RphvL0UdIE7AMovytxs8TFfyFFFOFxge5Zc=&c=0F0D8sVMOdXHCXkLGdBLVZvkE8/Cz9wIWKgral2TzaV7dUAAKnH2jHXXpDZ8dNax98dIL0DZN0FqS8eY42sg145fSwrSce7e1VvngkB/VXRrvQV4g69TDii/R44k73XI&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.vaultgrabchuckle.com/c?x=G7uv NOmVIC5pQSxvzRaMbgJQSNhrc7lIhFp0gM23E8=&c=Fg4hR16ByK4wB747ysZsRHxPwRPKRGKIhWk3BFqiK87GFzB026wzKsSn4g4ODiyiEaqSxfYyv36aREKHDouuML9NK3LX83bdFJxaT5FIpgQ2lkeOkIW3vXsbGS5V4KUg&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.farmtowerscapital.com/c?x=ATSqdXLfrH7/ZmIvKQfnvKZg41hJcZ7R2ywFnfJHi0o=&c=F PRORACxS0Gio5Jx9Ag/XUdrJ/GXE3 KwNEQv7N1UvPiKME1gpf7bVIZXhBh6T4uNXUt1t1owNOq1hIGDYptaZjhYcdHe8RRJJcW9kHWSpGyI43W/HNd/GMYWf/QJ5s&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.bodyvaultclean.com/c?x=vvuzQykteLjp8XzVD 3db2rdFyw9X9j8S9Y1D2mKDIk=&c=a65q1K354DKfNzueUgPcd1D/BCTIAXvVUMA89 24jhuZF/l6BkRWkL3HILq8jD7dy8 DRDLPgcGB3AAHU1EBFAO5/KzxVfgzn9gQJzG9J7yVt7aaMAK/Kbv28FcS2S57&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.vaultconceptsbinaries.com/c?x=dxKyWeStSuzdrbTZA5oSfePiFXlimvapXfDP3tqeeQM=&c=SabwgLZHMCwWriBpNqmrqP7kP5BifiqQkmIu3UlYL8mZgT6s0VnEPhUm8Y9mWtdmmzcGRnWdiSf8NyokCXg8RN/yU62UgH56c940ov9r6bmkKPcl e4CB uVF0k//BOC&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.conceptsbitssafe.com/c?x=zAS3sfmYFdgTNKnmLAYLpcqKoqfXqRtybzFKOYGyHdk=&c=uVt4BqlMszOlV/Uz8F95cVB8CDk9GSp87A3XAsRJpGyzXujZfhnNZ4vCrggbnQyC3dXL9X8rO9Jw6v3tiwBiipfZQ7It8BuBqW7Aigsxy eXjk0tnoCUF2U9niYNHUD7&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.conceptsbitssafe.com/c?x=uYdNu6s4nrRZ6kSAORjgSlo7gzAcgnJ7Mt0bPgrpcyg=&c=l Gl6Aai8YvDdHQ41GLA9gc1sbP9hSIF VIE7Hl5qhVEM4XNE/k05 VFplrRxvmWZLTltZJoye2 vsaOnPcrT5xHWIRMtCRtBnpzCnIj1lEL9xEXtuxV70kJ1o1OspeU&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.cityfarmtours.com/c?x=TBVaU2k6IPTLaow7dAtxaqwZzljb2IN6qLcbyJdavZc=&c=86/efQNvBP/JTWyybeRL15wFuGg6UuS1jh8zTDPQMGK73FnJGzlxIpQVhXOvQDUxzGTV7mNvDYqkeZY2ljwahPNJ z54Py1d/suceSoG3CdqlUrPjft0sNFlqOU/JSHk&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.filesranchapplications.com/c?x=rBfOnUhEyDKdLwgCVNx4LernMvuQZfPEmJoPi2jwYck=&c=zP76aisIEAV5fmbPsZbiBJXHkkBJcWh8ePLGuyRSh zpqC5rIBodgWGTKhQyzlzYOfgdjx43rIwHRifgo6nJusQNBuuBfErCej0SdJQwBl r6SsTAkPtCofCNQuDDRrY&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.updatetodaystock.com/c?x=N9ZzS5Zf0jFCOFhZr4ApGu07lHbvjRvrggS5R03RlAk=&c=NYtjnxtfdNUNquaSlVPVw4OZ/TEuOPj1NVIgzwoaM5UaIsaqolsW6oKu9OXxOUV7fRpsow5k0625mkBCdaf3dFlKsoIJo8ZRixb NgohC/FJ SUuz5Vqt6KDxU9IGoCb&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.conceptssignheart.com/c?x=qeRHJnIpaoeMAkJG1yCgjDvpL7ssyc/Vuu0sIcHOt/M=&c=f7U8cltGqE/U8Sl9 iYtnL42cDbf5Pm0xO1C6smmGtNF/JodF3mkaC6zi5Kcx8QuNf0snnUT3wLzDD/LErvTwCUHvsJGCQFQni5olm4qpnS8Olk8NLDq25h1/yMX8n3t&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.deliverysafechuckle.com/c?x=LewX5UAo6S2C6LnvlS2fC0BWCvhf37sDy//qyd2WSOM=&c=HqPgUjWYFfL27mR/TxNdnWmZxfT9bVcE6EABzO53tovV5GqqOrpEmslpzoU/HMxEhsHQz6iypaRJm5IdlvAngH0uEZY4oCaXbnaZqco6fHly/feb8JyIxCs1ceZyLEpM&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

http://www.vaultgrabchuckle.com/c?x=44VGyCfue1ouS4VPuA Zh/ZkjjyQZO13xkH18 /CXDA=&c=P7KmoaX2bwfVvlLZ7CuGiQVgrGZNXI8MpFIklgY33dFq1NGThbG4yfD/QvzgOq7x3ZAUOVr FejHexwCf0G60GnwKgKxhuwvLFE6y6ePkNBM03Dw4b cbfL1L4Tr1CbG&downloadAs=FreeFileViewerSetup.exe&fallback_url=http://www.freefileviewer.com/.../newest.exe

Latest 30 of 191 download URLs

Remove freefileviewersetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.