» icreinstall_gta 3installer.exe
Overview
Analysis
File Details
Downloads (112)
Network (3)

icreinstall_gta 3installer.exe

Kasobocot

Delivery Superb (Fried Cookie Ltd.)

The installer utilizes InstallCore which may bundle about 3-4 offers for various ad-supported toolbars, extensions and utilities. The application icreinstall_gta 3installer.exe, “Kasobocot Setup ” by Delivery Superb (Fried Cookie) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.

File name:

Publisher:

Gifudamab (signed by Delivery Superb (Fried Cookie Ltd.))

Product:

Kasobocot

Description:

Kasobocot Setup

Version:

1.2.1.6

MD5:

bba86f59d273072c4f9c24190628a800

SHA-1:

5d425d3a866380a5b9db552b886e2ce197bfa0b1

SHA-256:

f2a83b77092da6a8c24a6b0cb0c8edbd754d0b310cb4083b0185292e8fad8b28

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/16/2024 6:07:41 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.InstallCore.FC.Installer (M)

16.4.14.0

File size:

1021 KB (1,045,480 bytes)

Product version:

4.6.4

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\icreinstall_gta 3installer.exe

Digital Signature

Signed by:

Delivery Superb (Fried Cookie Ltd.)

Authority:

GlobalSign nv-sa

Valid from:

12/17/2015 1:59:53 PM

Valid to:

6/22/2016 4:54:14 PM

Subject:

CN=Delivery Superb (Fried Cookie Ltd.), O=Delivery Superb (Fried Cookie Ltd.), L=Tel Aviv, C=IL

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11211DDE033C8F24FD358ED7B6271AD4DE2B

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:cw7bS1LohEVskEDbreTBX9I+6V0yrUbkqeAu7:cc8mqskqbrktIj0yrUb+37

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9282

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file icreinstall_gta 3installer.exe has been seen being distributed by the following 50 URLs.

http://www.megacapitalgrab.com/WVl6OTRQV3B1V2pCWlRVZE9aWFpLSlRKQ2FFUjRjWFpFVW00eE5HazFhbHBVY2lVeVJuTkRRamxQVUhWSEpUSkdkVVI2Ym1NbE0wUW1ZejA1UVZoNVJYTlVXSEJWVTFVM1FuVTFKVEpDY1ZkemRubHNZbWxwWmxRbE1rWjZTM05SV2pKb2VtcE5NMFJGT0d3NVJFczRkREJaYjBGQmIwZE5NREI2VjNCT1JESkJaV1JWVWpFbE1rSkpXVGt3ZFVaVE9VUlNiekp3YW1SM1QzRlVSVGxqV1dZMmRXSk9aemxtTW1vM1UxQjRNaVV5Umt0NFJrZHhhWGd5Ulc4NVVrcGlXa2hTVEVaMFlVTTNkbWhRYkhZeGQxTnVSVWxDWjFKWFFTVXpSQ1V6UkNabFBUQW1aRzkzYm14dllXUkJjejFIVkVFck0wbHVjM1JoYkd4bGNpNWxlR1VtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEFsTTBFbE1rWWxNa1ozZDNjdWNtOWphM04wWVhKbllXMWxjeTVqYjIwbE1rWm5kR0VsTWtaa1pXMXZjeVV5Um1kMFlXVmpkSE11ZW1sdw==

http://www.megacapitalgrab.com/WVl6OTRQV2xtYW1rbE1rWkZhM2h2UkROQ2JGQTBjakEyU0VnelRVOXFWRmRaVGlVeVFsUWxNa1pZY1ZOa1FuZFBkV3AzVEVVbE0wUW1ZejF1WkZKS1VqbHFWME5OVVhSbU9TVXlRbVJCU0hwTFRWQjVaMDFGVVcxUWJVeHNURzl2ZFNVeVFsZ2xNa1pXU0hodVJHUmpaVEo1Ykd3NFJXRklWamhpUW00eE56WmlNMGxZUW5aYVpXWnNVVVV4VHpWMlVtWjROa05WTms0M1VVNUZKVEpDVFdaVFNHMHhiaVV5UWswNFZtZHpTa3RMZUZkS1ZtUmtRa2RQZFRsWU5UQTNOamh1TTFOc1lXODRjVEpaYURRd1FXdHVWRmMzWjFkb1YyTlJKVE5FSlRORUptVTlNQ1prYjNkdWJHOWhaRUZ6UFVkVVFTc3pTVzV6ZEdGc2JHVnlMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um5kM2R5NXliMk5yYzNSaGNtZGhiV1Z6TG1OdmJTVXlSbWQwWVNVeVJtUmxiVzl6SlRKR1ozUmhaV04wY3k1NmFYQT0=

http://www.megacapitalgrab.com/WVl6OTRQV04xYWpZM2VGUTVZM0Z6UjJ4SFpGRXdNemhOWjNkS2RFNTRWa3RHZHpkaVNDVXlSbmhrWW1KUmIzTm9PQ1V6UkNaalBXZElUVUpTV25aWFFUZzFiMFIzTlZwd2NFWlZVRVJCVFZCdVptcExWamxZVFVGR2NqaDNiVGhRUmxCVE1HcDFNREF5VDJaaE5YVlBWMk5EWW01WWVUUktOMUE1WTFCcFoxSnlORzlXTVU1RU9UUjZSR3RpTjBodlJGcHVlVnBUVG5keVZFNUNUbkp2WlZKNk9IUlBSRmRxTkdGeE9HSkNWbGt4SlRKR1duVnBWbXN6V25GWlUwZzBKVEpDZUZvMlYyb3lZVEJZYmxKYVJsRWxNMFFsTTBRbVpUMHdKbVJ2ZDI1c2IyRmtRWE05UjFSQkt6Tkpibk4wWVd4c1pYSXVaWGhsSm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3SlROQkpUSkdKVEpHZDNkM0xuSnZZMnR6ZEdGeVoyRnRaWE11WTI5dEpUSkdaM1JoSlRKR1pHVnRiM01sTWtabmRHRmxZM1J6TG5wcGNBPT0=

http://www.megacapitalgrab.com/WVl6OTRQVTVuT0dRNWNEbHhhbmRFU2s0d2RHMXFVMVZDU0U5eGQxaEphMHBHT1hOSlFTVXlSbXBLU2t4S09HeFpRU1V6UkNaalBWVm1VVEZFYjFSRE0wUjVZVXg1WlhaTlVXRjVTRTVrUTFONVkzRnhRMjQzVlU5d00zTlVOWE55VVhadFQySlNaVkJvUlVWQmNYYzJkV3BKTm1GdWVsWXlVRTlQZGxKaWNXMUlhbmw2VEZOQkpUSkNiV0kwVDFOdUpUSkdVblJ4YjJOWlNXeFVTVVpUVDJKV1QxVkNhelF5YnlVeVJteExRMnA2Y21ReE1FVjJXVnB6V2tGM00zWkNlRlpJUzB4aWNFRnVlamR6VmpGaFFVRjBRU1V6UkNVelJDWmxQVEFtWkc5M2JteHZZV1JCY3oxSFZFRXJNMGx1YzNSaGJHeGxjaTVsZUdVbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0wRWxNa1lsTWtaM2QzY3VjbTlqYTNOMFlYSm5ZVzFsY3k1amIyMGxNa1puZEdFbE1rWmtaVzF2Y3lVeVJtZDBZV1ZqZEhNdWVtbHc=

http://www.megacapitalgrab.com/WVl6OTRQVXBWUjJKT1MweERaMUJxYVhkb1kyTnljR2R6VEZvMFVYZExiVk01YWtjbE1rWkNTRzh3VW1WUFNsUTVUU1V6UkNaalBTVXlSalJRUzJFd2IxQnlXalJYY2paRFVHcENXbWxSVVZoUVRUWnRaVWMwTlVsNVkySnNOR0kxTVVsTWFFOU5XVkJ1SlRKQ1FtZE9VRFk1WnpkWFNHWmFUSEpwVnpoMFF6bEdhMFpFVDB0bUpUSkdiVlpEYkc1YVdXUktZalpZU1ZBeFdXSXhhemRVYzNwRU5XcEVPVkV4TlZvMlVrdDFVVzlLU0VGd2MxTkZKVEpHZVUxa2VFdHNPVWRyVFdWeVdtZDBTRk01UVd0RWFsVkdORWgzSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBVZFVRU3N6U1c1emRHRnNiR1Z5TG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuZDNkeTV5YjJOcmMzUmhjbWRoYldWekxtTnZiU1V5Um1kMFlTVXlSbVJsYlc5ekpUSkdaM1JoWldOMGN5NTZhWEE9

http://www.megacapitalgrab.com/WVl6OTRQWEJRT0haQ1JWUnVjVE53VXlVeVJsUlJNWGwzYjJNbE1rSllTbFJZYVVOR1JsUktSR05FWm1OaVJYTjNSRFZaSlRORUptTTlWRWRLV0RsUlFXbHBhbk5UYkV4Uk16RjFSblpQYmtGcE1XOW5SVlpDWWtFbE1rSkxWbVJDUVdSb01EQkhNM1JyTTJGVVZUZGtPVTVHU0dFbE1rWk5aa3BSVWtWU1ZuWnlOQ1V5UmxGVWQxVm9NWHBpSlRKR2JGSTVlblYwWVd4blRVVWxNa0pCYWxkQmRqZGFTbGQxVWtKVU1uSkdjMjk2Y0UwMlZrdExSMUpWUVU4MVpuUWxNa1psV2t3M1NHZDFTRlZHYURCeVFUWkNiMlpPYWpkU1VWcG5KVE5FSlRORUptVTlNQ1prYjNkdWJHOWhaRUZ6UFVkVVFTc3pTVzV6ZEdGc2JHVnlMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um5kM2R5NXliMk5yYzNSaGNtZGhiV1Z6TG1OdmJTVXlSbWQwWVNVeVJtUmxiVzl6SlRKR1ozUmhaV04wY3k1NmFYQT0=

http://www.megacapitalgrab.com/WVl6OTRQV3N4TkVveGVXY3dNbWhDVm5SQ1RWZEtSRmRDZVRGMVJXZElVRmhYUVZkak1HbHJkSEI0WkhOd1IzTWxNMFFtWXoxcWNEaDJTRVZuY1NVeVJqTktaVUl4Y0ZkSFMwTk9iblZhZFU5VFprNWpURUpEWW1zemMyc3hhalZxYm1kc00xbENkMFZSZDFKNlUyNWtVa0VsTWtKVFJucHJaRWsxYkRNeWNIcHljVVl3YVdWdFZtaHdPSFlsTWtKVGFVaHNWR0p3UWpWQ1MydDNhekJFWW5rbE1rWkdXbEZHTkVaVVIwZHpSVkJSU0dkVWQzWk5XbUpTVHpJbE1rWTRTMmhQVldNNU5VTnBUbFl3VWxVeVRURldTMEpSSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBVZFVRU3N6U1c1emRHRnNiR1Z5TG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuZDNkeTV5YjJOcmMzUmhjbWRoYldWekxtTnZiU1V5Um1kMFlTVXlSbVJsYlc5ekpUSkdaM1JoWldOMGN5NTZhWEE9

http://www.megacapitalgrab.com/WVl6OTRQWFpXY1dnNGMyeDNWbFUwT0RoYWEwTnlRMjQxV1ZWeWRUbHNOVUpVTjNWbU9HUXhWMUl5ZGtsc2REUWxNMFFtWXoxa2QxQlpkMmswZGpWVlVGUnRkR05LUTBoRlZqQmxjV2NsTWtKUFVUUTFTbUpHVkU1d1dIUjFaWGd3VGtGTE5qVnZWR1VsTWtZd2VXdFJlV1VsTWtKa1UzUkVTalJtYTA1cVkzb3hRVlUxVEhWcFIyVTBSbWMzUWtneFkwUlNjRlZsVG1wd2JYTm9kV1YzVkZoSlVXMVFTelZYVkZNd2ExbENaRXd5UVhnNGJrRWxNa0phVEZSeFFqVllRakE1Y0dGdU1UUlJlbTFDVEd0WUpUSkNORzkzSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBVZFVRU3N6U1c1emRHRnNiR1Z5TG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuZDNkeTV5YjJOcmMzUmhjbWRoYldWekxtTnZiU1V5Um1kMFlTVXlSbVJsYlc5ekpUSkdaM1JoWldOMGN5NTZhWEE9

http://www.megacapitalgrab.com/WVl6OTRQVWcyU2prMFN6WnlORU56Wmxwc2JUSXhOVTFzY0hGek9VRmpWRzlNVTJkdk1GSkRTRlJpTkhNeGRqUWxNMFFtWXoxdWQwMTVZVGhUV2xSU05XcHJjRXRtWlZsclNuaHhTRWRJVUZsUGJtdDVaRkV3TjBwTU9VNVVhbEkxVDJ3MmExTnhVR0p3TW1oNGNHSjJhVlpLUlNVeVFsUldRVkEyT1hrMlRXWnJXbEJ4ZDBGMGNFODFhVEYxVmlVeVFtcDJiR2hKU0hOUmVFSjRiWFV3V2xORlMwOW5ja3RhUmpkb1UwUlBNMEl4Tm5KWVZGQk5WU1V5UWtKNVMwVnZPVWhYV0RsUlNsQXhPRFZGT1RoaldVRWxNMFFsTTBRbVpUMHdKbVJ2ZDI1c2IyRmtRWE05UjFSQkt6Tkpibk4wWVd4c1pYSXVaWGhsSm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3SlROQkpUSkdKVEpHZDNkM0xuSnZZMnR6ZEdGeVoyRnRaWE11WTI5dEpUSkdaM1JoSlRKR1pHVnRiM01sTWtabmRHRmxZM1J6TG5wcGNBPT0=

http://www.megacapitalgrab.com/WVl6OTRQVUZzUzJSbFNHaHlXSE5qTVhGV1EzbHpObmh0Y1dsREpUSkNhM3ByTUhoNVdGQktkekZ6ZDFGUWRXcFhkeVV6UkNaalBUZFBKVEpHYWs1WlJURnpPR1IxTUVKS1ZVbFpaVGxOVldSS2QwcEZhRzk1VGlVeVFtZEplVlpOUlRWQlUwaGthM1YxVkdoUk5sUjFjMDUwY25aak5sUXllVmRTYURGS1EyOURhRWxqY0ZkQ1FuSlhOVWxpV1dJeVpGUlhaemxKZEdOSlNEUnFWbEpQV2xZeFEyTkhhbUZsZFZsRWNYbDZKVEpDZVdSRFl6RXlSVzlMZVhGQ1NVSlBUV3R5Y1hJMlJYTlZKVEpDUXpoclpVUjZNM2gzSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBVZFVRU3N6U1c1emRHRnNiR1Z5TG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuZDNkeTV5YjJOcmMzUmhjbWRoYldWekxtTnZiU1V5Um1kMFlTVXlSbVJsYlc5ekpUSkdaM1JoWldOMGN5NTZhWEE9

http://cdn.menacdndownloadfiles.com/c?x=uNjRcy7vZgj6xQYT7kLobtAXGA2mjAOVJlc1RNXTVfg=&c=nUeTvkkYyqDEuzJI58VYX0YPpiel4VI9uO5K9Rp2tZIy7eosSCy eCP1Tff eNN58nSSBSORG9Z7jJJrxKWagw==&fallback_url=http://www.rockstargames.com/gta/.../gtaects.zip&downloadAs=GTA 3Installer.exe

http://www.megacapitalgrab.com/WVl6OTRQVEl5T0dWbmRrVTVWMDgxT0VWRk9XZzVURVl5WVdVMWRGbFhTRmRXWVhOMVdYTkhlbUl5VDJKNFJHOGxNMFFtWXoxeVNXWndheVV5UW5kWVFsVndSWEJZTW01U1ppVXlRbk42WTNwUWJXUkhTemxOTmt0RFJVNXJkREZXVmxsUE1USjNkbk4yYzJOTVZXTm1OMnBoVW01MVJHMTFWRWR1TjNCM1EzcHVabGc0SlRKR2JtZzNUSFlsTWtKSk1WTXdjV2w1YUVobVUzSllVV3BrYWpneWNGbE9lVUZyYkZKek9VMHdURkpaUjJVeWVTVXlSbXRuZDNWVWJUYzNUa2RaTUZnMGFIVk5NemN6WVZGUlptTnNVRWRCSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBVZFVRU3N6U1c1emRHRnNiR1Z5TG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuZDNkeTV5YjJOcmMzUmhjbWRoYldWekxtTnZiU1V5Um1kMFlTVXlSbVJsYlc5ekpUSkdaM1JoWldOMGN5NTZhWEE9

http://www.megacapitalgrab.com/WVl6OTRQWGQ0UkdsTVUyMVVjSGhtWW1kdU9VeG5aREoyV1NVeVJsaE9XRnB3UkZkdmNtbFdPSHBUVVhaYVZrcEVOQ1V6UkNaalBYRkZha3hFTlZwaWNTVXlSa1JVVlZGTFNFTnBNREpYYVZseGVsZzVTVUZqYjFWS2R6VWxNa1kxYVZSM1kxVlJjM0UzVjFSNmF6QktkamhqT1ZRMFZGVmtXRXNsTWtJMVUxaEpNMUU1VHpneE5rSnlkRVVsTWtaNFpHMVVja1JvVURWMGQzbEZha3QyT1hVMFEzVkNZelprTlROc01VZHZWekp5WWxkdUpUSkdSa0ZaU20xclMyWk1kM05LTUZoWVlrbHdTRVJJU0ZkR016UnVZbmd3WldjbE0wUWxNMFFtWlQwd0ptUnZkMjVzYjJGa1FYTTlSMVJCS3pOSmJuTjBZV3hzWlhJdVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdkM2QzTG5KdlkydHpkR0Z5WjJGdFpYTXVZMjl0SlRKR1ozUmhKVEpHWkdWdGIzTWxNa1puZEdGbFkzUnpMbnBwY0E9PQ==

http://www.megacapitalgrab.com/c?x=tAeKwX AUIggVfeF7wHfxobKLMMlkYCZIU2 ZCT xnA=&c=uQMq/utWAJHVT3yRuglICQufsvtgeYJV8RZUPUSJW8UZ21zxbY6F8znDDFHkFf3AbaYkL0xeUgsnKeQ5rBeF4K4Gz1mAhldoUImezmMbXkmA5C6DlGF3PKrQ8CAfy6bCJ88v3yY28ePZVUNxNm80arbUjVFxe5wJUhnzHjemvTPUFBBitcDjkXtp/YGkqYew&e=0&downloadAs=GTA 3Installer.exe&fallback_url=http://www.rockstargames.com/gta/.../gtaects.zip

http://www.megacapitalgrab.com/WVl6OTRQWEEzYXpkelRWbFNVVXRLV2psRGFVTmhUM1ZqTjJkUmJHVnlUM2xPVWt3eVVubEdkRk51WjJSM1NrMGxNMFFtWXowNU5razFia053UTI1WFprOXhiRlZXVDBSQlNsbFhlazFXWldKM05qQm9iMGN3ZDFsQ1oyOXNKVEpHUzJSSmVqWmhiMUJpWlZSVVFXWmtUR2xaY2xseVIySlBZbEJFT1RSb2MyOHhSVVpQVEhOM2FYTjFlSEpxYjI1SmIzcEtNWFJNVVRKRU5WVjRXa05SV1ZRMkpUSkdSMmxSVlhJMmVsbHBjWFkzTW04NFdVbGxhaVV5UmxOamNuUlNiRWxwYVU5NWVUTnJSblZVY3lVeVFrNUdaeVV6UkNVelJDWmxQVEFtWkc5M2JteHZZV1JCY3oxSFZFRXJNMGx1YzNSaGJHeGxjaTVsZUdVbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0wRWxNa1lsTWtaM2QzY3VjbTlqYTNOMFlYSm5ZVzFsY3k1amIyMGxNa1puZEdFbE1rWmtaVzF2Y3lVeVJtZDBZV1ZqZEhNdWVtbHc=

http://www.megacapitalgrab.com/WVl6OTRQV1pTZUd3NVYzVTVPVXAySlRKR1dWSTJPRVl5WmxFeVRYazVSbmhrVGtwdk5VZEdhMlpzY0hsWFVqWldRU1V6UkNaalBVeGxla1pCWTJ0alkzRndKVEpDYkZKTk5FcFBSRXhCYlhwWlNEaDJaRGg0TUZoNGQxSTFVekpMVFRCcllXZDJjSE5IUldFMGFteEdibTFTVEdwSE5XcDZlRXQzZDA5V1QwbEtjV3B1YUc1MmNqVkpVRlF4YWpsSlMxQkVkVmh1V21waU5qWmpUMU51WkdocllTVXlRbFZ4VFhseloyWkplRFZyTVRKWVJYVTVjbXN4VWs1bFVEYzVZVmROY0VZMlpqVnpjMjFNSlRKR04xUkVVU1V6UkNVelJDWmxQVEFtWkc5M2JteHZZV1JCY3oxSFZFRXJNMGx1YzNSaGJHeGxjaTVsZUdVbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0wRWxNa1lsTWtaM2QzY3VjbTlqYTNOMFlYSm5ZVzFsY3k1amIyMGxNa1puZEdFbE1rWmtaVzF2Y3lVeVJtZDBZV1ZqZEhNdWVtbHc=

http://www.megacapitalgrab.com/WVl6OTRQV1pRY0ZOR01DVXlRamxOTUhaUkpUSkNRbFp0TkRjeGRuUTRNMUU0WmxsUlpWUm5KVEpHT1hCU1pFcDFSMEkxU1hNbE0wUW1ZejFKWlhKTmRsVjBKVEpDYWxaTGVtNW5ia2x6Y0RSM04yUkhUWFJwSlRKQ1ZFMUVWVnBKSlRKQ2NVUndka29sTWtJNFNuRmpZVlIyVEdSYVJqQklTRlpMSlRKR2RrMHdPWEpaSlRKR2JWcEJXakVsTWtaalRrTnRRWEZyUld4Rk4yNXNValoyTVdaV2VXNXlXa2xPT0ZWRk9GQjBabFpwVTNkRE1GSWxNa0pDVm5RNWNsWnVVVTE0TTBVM2NHeDFiR1JpWmtoUmJsb3hZMk0yYlZkRU1qSlFPV0ptTUdKbkpUTkVKVE5FSm1VOU1DWmtiM2R1Ykc5aFpFRnpQVWRVUVNzelNXNXpkR0ZzYkdWeUxtVjRaU1ptWVd4c1ltRmphMTkxY213OWFIUjBjQ1V6UVNVeVJpVXlSbmQzZHk1eWIyTnJjM1JoY21kaGJXVnpMbU52YlNVeVJtZDBZU1V5Um1SbGJXOXpKVEpHWjNSaFpXTjBjeTU2YVhBPQ==

http://www.megacapitalgrab.com/WVl6OTRQVFoxYW1kM1NVSkZibXhEVFNVeVFtVnJhRTkyY1VFeFZHWnVZMnRHZVZreWExTnZjemQwYVhOMVYwMGxNa1pWSlRORUptTTlUbGRoZDBrMFFrSk1TVFpxZFRGdll5VXlRbE5GZWtVeFFXUWxNa1prYkhaelVrVk5VMEZGZFZreE9HcHBWMll5T1hodVVuWnlWRlkwZGpWTlZVZ3dOWFJUUWtOVVFXVnBUMHBIWjBsWWN6RlBjMEZaYWlVeVJtdEdVRWtsTWtadlNqbFdRamxEYlhsNE5XWWxNa1paZUZGSWVEYzRWM0pRZDNsV00xTlJNMVJoTkVodmMwTlFVWG93TjFSNFIxWTRZV3huV2s5QlNuUnBZVGR0YzFCU1FTVXpSQ1V6UkNabFBUQW1aRzkzYm14dllXUkJjejFIVkVFck0wbHVjM1JoYkd4bGNpNWxlR1VtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEFsTTBFbE1rWWxNa1ozZDNjdWNtOWphM04wWVhKbllXMWxjeTVqYjIwbE1rWm5kR0VsTWtaa1pXMXZjeVV5Um1kMFlXVmpkSE11ZW1sdw==

http://www.megacapitalgrab.com/WVl6OTRQVnBqTkZsdmJFNXZSSEZYYVdKUWNubGlSbVZXYlhwWGRtMVBSbTl4WVRrNVNWcHhZV3cxVFVKelYwRWxNMFFtWXoxWVpYRm5UVXhMY0U5NFdqSnZTRXhuVm5odVVYQnJZMnh5YnlVeVFtbHNNR0ZuTjI5TFdsazNOMjlEVkhsbk0yNUtZbXB3Ym5SalpUSlhhamNsTWtKdGFTVXlSbU5qV0RsdlExTjZRM2xLTWxaWFQxYzBkM2hPTTNsR05EaGpPWFUwV1ZrMmRVdEVSRkZwWVV4cWVUQkRabGsxZVZWVlIyeEhZWGxzWWtaVU5scEJWVTVMV2s5YU9ITk1iMVlsTWtaNmFWcFhPVFozWW1ZeVpXODBVU1V6UkNVelJDWmxQVEFtWkc5M2JteHZZV1JCY3oxSFZFRXJNMGx1YzNSaGJHeGxjaTVsZUdVbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0wRWxNa1lsTWtaM2QzY3VjbTlqYTNOMFlYSm5ZVzFsY3k1amIyMGxNa1puZEdFbE1rWmtaVzF2Y3lVeVJtZDBZV1ZqZEhNdWVtbHc=

http://www.megacapitalgrab.com/WVl6OTRQVFIyWWpCTlRFZDFkM0Z1YmxoUlZVWXpWVVYyUkRRNFpYTnRUVGhrTTFKT1UwdDVOVXB3UlU1bFVXc2xNMFFtWXoxM2MzaGhORWRUUTBrM09UbENXSHB2VTFCbk9HbG9WR3RJY1ZseWJrUlFaVEpMZWxsRmEzUmhSRzF0TTI1TFZtdzNWa1FsTWtKWFJUQnFNMGRLTTJOVmJtdGFURkpZT0Vkc1QwcHFkblZLTmpWYVlXSkxXblpQU1dSRVdGVnVRbUk0T1dSeFZtRmFNemRRV1RoTFlqWTNhR0k0YW5kRFNHWmhSM1JDT1ZrMWFqaEZUVGRwUzJkSGRUaENSSFpVZWxSeU9EZE5TREJqUVNVelJDVXpSQ1psUFRBbVpHOTNibXh2WVdSQmN6MUhWRUVyTTBsdWMzUmhiR3hsY2k1bGVHVW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQWxNMEVsTWtZbE1rWjNkM2N1Y205amEzTjBZWEpuWVcxbGN5NWpiMjBsTWtabmRHRWxNa1prWlcxdmN5VXlSbWQwWVdWamRITXVlbWx3

http://www.megacapitalgrab.com/WVl6OTRQWGdsTWtKSGNIaHNOWEp2VjBOalJWWlhXV1ZCUlRaaFdXdHhZVVZwTjBoUWFUZEtXbkJtWVU5RlNHSk9NQ1V6UkNaalBXVnBSRWgxVUZkNWVYWkdOR0Z1YW5FbE1rSm1UbEZPUVdGbWFGQlphbmhJWnpWSlFrdFZWMkp0YWtSa1IxSnFkMnNsTWtaSUpUSkdXVmxuVlRGcVFXZHdRbk5ITTJreFptTjJVbEJLZUZkSmQydDNKVEpHUXpoeVdtRlVTakFsTWtacFQzRXhlRVZNYmtoaWNXVk5NSHBUTmxoU1kySk9Za2s1UW1vd2N6RTNTelZtYm5sTE1rVlNkSFF4TW5KWWFrSnNUV1p5UTJOcUpUSkNiRzVQU0U1SVVTVXpSQ1V6UkNabFBUQW1aRzkzYm14dllXUkJjejFIVkVFck0wbHVjM1JoYkd4bGNpNWxlR1VtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEFsTTBFbE1rWWxNa1ozZDNjdWNtOWphM04wWVhKbllXMWxjeTVqYjIwbE1rWm5kR0VsTWtaa1pXMXZjeVV5Um1kMFlXVmpkSE11ZW1sdw==

http://www.megacapitalgrab.com/WVl6OTRQVVJXZWtFMlVsZzJNREJJWTFkWGVVTTVSbmxWUW5kb1ZETlNNVWcyTmxOdGFHODNhbUZZY0dKdWRHc2xNMFFtWXoxV1JIaFdUSEZCUlVsQ1QwUmpUalZSTlVwT1RVZFlZVVZaTUhjNU9XUlRNVE5IZEhaMGRVd3hXbG9sTWtaVFJ6WjFja2w0Y1dnelZqRmlNMlpqUkZsa1VIWkpPRnB6U0VaNlJXWlRKVEpHTVRGMlVsRlJiVE5JVm1WNmJqVnBTbFZNZVNVeVJuQlRZVkY1VEZSR1QxRlNSWFl4ZW0xMFQweHVSa0pqZUUwMVlURnNOMlZEYkUxa1RsRTFVSFY0WkVWUU5XUjVXV2t3UlZwUGIyY2xNMFFsTTBRbVpUMHdKbVJ2ZDI1c2IyRmtRWE05UjFSQkt6Tkpibk4wWVd4c1pYSXVaWGhsSm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3SlROQkpUSkdKVEpHZDNkM0xuSnZZMnR6ZEdGeVoyRnRaWE11WTI5dEpUSkdaM1JoSlRKR1pHVnRiM01sTWtabmRHRmxZM1J6TG5wcGNBPT0=

http://www.megacapitalgrab.com/WVl6OTRQWHBRYm1zMlJURlBUbU5KYTFadk1qa3pSbE5VU0hocFRucFJWMEpFUVZGdGRrMVFTM000YzI5blpXY2xNMFFtWXoxdFF6ZGpjMlVsTWtJM2QzWXpObm8zSlRKR01tUjBhVkJMU1dWVmIzcGtWMWcxVWxGb2VWaEZTbVpEVDJkSFdXTnVNMGw2UzBnMGNUQnBRbmRVYjB0SVFWcG9SVFpMY1VacVZFRm5WR1EyZFdObGJuVnBjVGN3Um1ReFpXZ2xNa0pxZW5WVlRIRjBhV05YTWtkbFFuQm1OMlV3YUdGblJFOWlVVlI0Tm1OS1VqSkZjbWRsSlRKQ1kzazJla3BtTjBKRVkwVlFWSEExUzBWTFFsZFJVU1V6UkNVelJDWmxQVEFtWkc5M2JteHZZV1JCY3oxSFZFRXJNMGx1YzNSaGJHeGxjaTVsZUdVbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0wRWxNa1lsTWtaM2QzY3VjbTlqYTNOMFlYSm5ZVzFsY3k1amIyMGxNa1puZEdFbE1rWmtaVzF2Y3lVeVJtZDBZV1ZqZEhNdWVtbHc=

http://www.megacapitalgrab.com/WVl6OTRQWGM0Y1NVeVFrMDFTMWx3ZEhrbE1rSkRlSFZXYjNabWRuUlFKVEpHVEd4MmEwMTZhRVp0VWxGNmNUQXdkRmxXYkc4bE0wUW1ZejFaY1RsNGREbEdXRnBFYUhrelMwcEpWRlpzY1RsWVYydHZSRGRMU2paVFdWRTJabk5PU1ZsT2VEVllUbmhwTlhWMFVqZFBTRFlsTWtKb1NGSldOMGM1U0ZSMWRub3phRXh6V1hodk9VTmhWVEZuVUd0eldFMURKVEpHZERWelVGcHNTamRtYURFNFRtSXdNMnREYmxZMWNuaE9OazVHU0ZSdlVsZGpiVkY0YldFM05IRk1SV2RCVkd3emJVdGthMGxhV21OMWNVVlBRbEpCSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBVZFVRU3N6U1c1emRHRnNiR1Z5TG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuZDNkeTV5YjJOcmMzUmhjbWRoYldWekxtTnZiU1V5Um1kMFlTVXlSbVJsYlc5ekpUSkdaM1JoWldOMGN5NTZhWEE9

http://www.megacapitalgrab.com/WVl6OTRQVTQxTVhSVldtbFdlVk5wYVdGMVVHVTBiRWhxYmtwb2JrMTVURlpRTkVkRFJWTlhhQ1V5UW5CRVowSWxNa0kwSlRORUptTTlUbVpJVEROdGNUQlNiME55Ukc1NWVtbHVKVEpDY0hSa05YcDNTRGhCUzJ4YWVtWm9NMmtsTWtKbmR6RkdVbVpvV2tWNVVXSnhlRlkzUm5Cek4zbElUR3haUmpOMVprcERka3hNYTBoVE5VcHJjVWRrYkdORE1XaENRVUpQU1dWNFJYQXhjMDlqYlVodlFqVk5SbGxVV0ZvNWVHMUNWemhhUVZOVFZFSWxNa0poVWpaUGVUSXpiR1UxVWxwUlVYaFJSMDVvY0RGVU9HeFdPVE5uSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBVZFVRU3N6U1c1emRHRnNiR1Z5TG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuZDNkeTV5YjJOcmMzUmhjbWRoYldWekxtTnZiU1V5Um1kMFlTVXlSbVJsYlc5ekpUSkdaM1JoWldOMGN5NTZhWEE9

http://www.megacapitalgrab.com/WVl6OTRQWFpNVUUxNVdVeG1SRlIzVHpSMldFeGxlVEkwVDFwc1ltZDNZbXBOSlRKQ01tSnpWV2x3TVZCTVRtSlVPQ1V6UkNaalBVNTRiVXRxSlRKQ1FrMTJaMVk1ZUZoWWVtaDFXWFpMU1dwa2RXTkdSMVpWYkZvMlMzRm9iazFXWjBKMGFYaEJZemsxUW1WcVlrMVRPSEpHVDBKeGNERTVjRVJxVUc5TWJsbHhaM1JIT1V0WFVrSnNSMFJvVEVJeVNXNXVWelZWWTFVNVltMDVWVWMwZUdvNFMycHBWRTBsTWtKcmVYZHphSHAxTkVoYVZEZHlWVmM1Um1jeE1YYzVZakZIYURoVlkyZFBiSFJCU0hOMmRrRWxNMFFsTTBRbVpUMHdKbVJ2ZDI1c2IyRmtRWE05UjFSQkt6Tkpibk4wWVd4c1pYSXVaWGhsSm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3SlROQkpUSkdKVEpHZDNkM0xuSnZZMnR6ZEdGeVoyRnRaWE11WTI5dEpUSkdaM1JoSlRKR1pHVnRiM01sTWtabmRHRmxZM1J6TG5wcGNBPT0=

http://www.megacapitalgrab.com/c?x=QefaekQKS5hD7hPHXIU9QbOG9YaG2VaL0euj4hD2bk4=&c=nrhGaLWkq0EuKqVw/pq0DdW edCKQXhnN7x4ifkXaAbPlAAhLsVmegAn/aoAOmvmfNFlW7AnQCbF1tgWhIgSA/vyVuLnD MJdcfWSEfjXYLdCJQDOig/pGgHxCe v/RsOvaGqBFIWAzkvUXV//2CtRJ3Q/MYPZbEEkaX1UzOeQdjvOEuK3B4Rc9/MQq/VFcM&e=0&downloadAs=GTA 3Installer.exe&fallback_url=http://www.rockstargames.com/gta/.../gtaects.zip

http://www.megacapitalgrab.com/WVl6OTRQU1V5UmpOVE9ISjZlV0ZMTmpGc2FVUk1aMlZPU0ZJemJ6QldiRVpWWkRRNVFWQjZiRE5JWWtscWRtWkNOQ1V6UkNaalBXSlVlVFoyY1VOd1RWWnJWMmg1VTNWV2VFTnVUeVV5UWxONFYzSlpNWFV3VUdkeVZGUkhKVEpHY2xOdVMwVkJObmRzWWpWYWRXUlNjMHRPTVcxdk5FMUplblJDVkdRbE1rSkVkSGRaY1ZrMU1uWlpjWEY2UzNKMFdsSnRla05uV1RWeVYwd2xNa1poU21oVFJ6RkJKVEpHUWtoNVVubFNTbXAyZW1GTVptZFdUelU0ZWt4VVFVWlJPRFpFTjBjbE1rSk1OM2s1U1RWU1NIUkZNVXB4VFVSclVTVXpSQ1V6UkNabFBUQW1aRzkzYm14dllXUkJjejFIVkVFck0wbHVjM1JoYkd4bGNpNWxlR1VtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEFsTTBFbE1rWWxNa1ozZDNjdWNtOWphM04wWVhKbllXMWxjeTVqYjIwbE1rWm5kR0VsTWtaa1pXMXZjeVV5Um1kMFlXVmpkSE11ZW1sdw==

http://www.megacapitalgrab.com/WVl6OTRQVGs0ZFhoaFNYSXllSEV3VlVWVEpUSkNTMWRPV1VGd1VFcDFRemRZVG1kSGVIcEpaM05zUjB4VmJVWndUU1V6UkNaalBVOU5Va1EzU0hoRVpFOXFTVzFVZW01WlVqUjNhSEUxZDJkcWJYZDFXRlYwUmt4VlZUQTFZMVkyUVNVeVJrNUtjbkF3SlRKR1dFSjVXVUl6VUdSNWNWUlFXWFZSWW1FeWNWQm1WRUUxV1dWelJtdFNkM0pEVTI1bWMxZENOM2N3SlRKR1MwdHBVemRyVnpsUmRIbHJSVTF3VTNadFVWSkhKVEpHWlZOWlRFWjJSM1ZQYlZoRGVsVXpjWGROT1ZkWlQyNVFXbXd6VlV3d2FGUllWbmhuSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBVZFVRU3N6U1c1emRHRnNiR1Z5TG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuZDNkeTV5YjJOcmMzUmhjbWRoYldWekxtTnZiU1V5Um1kMFlTVXlSbVJsYlc5ekpUSkdaM1JoWldOMGN5NTZhWEE9

http://www.megacapitalgrab.com/WVl6OTRQVXgzVVc5TldYVnZSVzFNVHpoSFJXVk5ZVGRoYWtKc1lXRjJZazVKZGpJemVIaHRhalJFWmtSWFdXOGxNMFFtWXoxTWQyUkNkV3RtVmtJMWIwMWFkVmhvTkU0eFJXRTJTSEUwTW1aNWFWRmFNVFE0U25kVVZWWnZkRzFpVVdzd2FrSnFOamhLZDBoa1UzazRjM0JTY0ROTE5XdFRVRmRtVGxBelJFNVpPRGwzY0VJMU1GWjZXV042VlVaYVRsbElla3czUWtkRU1UWnRUREV4VTJWU1JFdzJTREpCZFVaS0pUSkdOR1Z6Y1ZRNE1HazNWREExTjJWdGJFYzVhMDU2WTJGb1IzazRkRkowWnlVelJDVXpSQ1psUFRBbVpHOTNibXh2WVdSQmN6MUhWRUVyTTBsdWMzUmhiR3hsY2k1bGVHVW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQWxNMEVsTWtZbE1rWjNkM2N1Y205amEzTjBZWEpuWVcxbGN5NWpiMjBsTWtabmRHRWxNa1prWlcxdmN5VXlSbWQwWVdWamRITXVlbWx3

Latest 30 of 112 download URLs

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to os.solvefile.com (207.189.109.121:80)

TCP (HTTP):

Connects to cdnus.solvefile.com (207.189.109.121:80)

TCP (HTTP):

Connects to cdneu.webfilescdn.com (65.254.40.36:80)

Remove icreinstall_gta 3installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.