glide-video-chat-messenger_setup.exe

Nop

Strategic Media Enterprises, LLC

The application glide-video-chat-messenger_setup.exe, “Nop Setup” by Strategic Media Enterprises, has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine, which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.quickvaultscity.com.

Publisher:
Strategic Media Enterprises, LLC  (signed and verified)

Product:
Nop

Description:
Nop Setup

Version:
5.1.5.0

MD5:
fc45af48930123e640270261b7d59bad

SHA-1:
32ad4b00db1eebcc8e2f24f0e33bab4359e7553a

SHA-256:
d4a5e47b11352af5620fdb3308f4e6e5673f8ddc1421bd837e156e6b4c20dac1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/30/2024 9:11:51 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.InstallCore (M)

Engine version:
17.3.15.9

File size:
1.2 MB (1,273,696 bytes)

Product version:
3.6

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\glide-video-chat-messenger_setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
4/23/2016 8:00:00 PM

Valid to:
4/22/2017 7:59:59 PM

Subject:
CN="Strategic Media Enterprises, LLC", O="Strategic Media Enterprises, LLC", STREET=3000 MICHELLE LN, L=OAKLEY, S=CA, PostalCode=94561, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
52133BABFD98A31A69782D28CB663FB5

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...

Entropy:
7.9847

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file glide-video-chat-messenger_setup.exe has been seen being distributed by the following URL.

http://www.quickvaultscity.com/NALb4rUr0ZG6Omfo3LlM2VlJBYUQJrWKER4oo71FkQkWefbsI5V6fUZkUY2uT6D_eXPQrGgES0SCQwtQ6NNbGu8E1FJ3G oE_i25IQv3xfZ40wWEp639I__JGTs9vmlH2VOYM GM26umMGsW7JCzLO _25mLxDfGkPSOKuux aplMc2Dp6BvxZirVg7OtZXsPSpOErKsvzvx6qx0UzIO1qwPj_JIxdC D3_a1CWEG3dlUIJqQg=-Gz4AAORtm8 KGt12Z3SUkKAElSLYgAOnEgmQlxPsMjRemKKsWV3R8y8AQWfbRjNHaCKdLw8lcwF6BA==
