google chrome.exe

Internet

Silver Setup (Fried Cookie Ltd.)

The Fried Cookie installer uses the InstallCore download manager, which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application google chrome.exe, “Internet Setup” by Silver Setup (Fried Cookie), has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application built on the InstallCore engine. The installer is marketed through download portals and search ads as Google's Chrome web browser but will also install additional software offers, which include adware, PUPs and browser toolbars.
Publisher:
Silver Setup (Fried Cookie Ltd.)  (signed and verified)

Product:
Internet

Description:
Internet Setup

Version:
1.2.3.8

MD5:
54c6e0c07a5e3e2869960889280b1b21

SHA-1:
ea9f292d5dbd7039ed4d68717ac4bbed70cd9028

SHA-256:
24b05e6cb73568ab9cc86fbd119e0fd6c6ac838cd94b26244cab0ae1c53f857d

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/28/2024 2:56:40 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.InstallCore.Installer.Installer (M)

Engine version:
16.2.4.10

File size:
963.4 KB (986,472 bytes)

Product version:
3.3

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\google chrome.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
12/16/2015 5:13:58 AM

Valid to:
7/24/2016 7:33:54 AM

Subject:
CN=Silver Setup (Fried Cookie Ltd.), O=Silver Setup (Fried Cookie Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112140334915ED026A82D6160FD4F0BAD4D4

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:6evQdNB1+F3tA5IWFJVxYRDRGkvUM0R/JZNs3:6RPB1+dtAJYRDRrvBC/JZw

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
Entropy:
7.9302

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file google chrome.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 606 download URLs
