home

installer_microsoft_powerpoint_sciagnij.exe

Debegarune

AGORA S.A.

The application installer_microsoft_powerpoint_sciagnij.exe, “Debegarune Setup ” by AGORA S.A has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.packagenewsend.com and multiple other hosts.
Publisher:
Beseg   (signed by AGORA S.A.)

Product:
Debegarune

Description:
Debegarune Setup

MD5:
e450e04d1754537aa6d2d3d0c5d1a956

SHA-1:
1c0da21fed918162425ba959a426964f9b0fdd2d

SHA-256:
f420cba647d20d8e15952fe855539a17fedea771e0b343db2b92cb55c08ac077

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
9/29/2024 8:38:53 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.AGORASA.Installer (M)
16.4.13.18

File size:
923.3 KB (945,416 bytes)

Product version:
1.0.3

Copyright:
Fast

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\installer_microsoft_powerpoint_sciagnij.exe

Digital Signature
Signed by:
AGORA S.A.

Authority:
Symantec Corporation

Valid from:
9/9/2015 2:00:00 AM

Valid to:
9/9/2016 1:59:59 AM

Subject:
CN=AGORA S.A., O=AGORA S.A., L=WARSZAWA, S=MAZOWIECKIE, C=PL

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
615B57E3504C929E3B64ED936D1CE68B

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:VwcSeGbEsZPjsFsNgE0NqxzJVd74pgZnO0G0I0STS89EirLZfk:VPwPwiNOAzJ0GZnOAbSu8WirLNk

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file installer_microsoft_powerpoint_sciagnij.exe has been seen being distributed by the following 50 URLs.

http://www.packagenewsend.com/c?x=HLRDtPhsjE4jEOCLKQzR3a29hZ2/rfLBmhpToXHUq0s=&c=Jf0r3o4VTNnDmN9pKeFSqV3gE8Pc6aYf/pHquHnjRvzfPueiAHrYMCSvEiSvB/k7EtFXAyQjM5t0NM/JjNw6bxly8UciF9WwdstOY7xzb54YJcx2HcCapzPcdQdPeGXbmxmD6/45E0QABXGLo/NaGg==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.packagenewsend.com/c?x=oGPoK94vjLcYNOedcTswB54lCNh8eh4ROvEpOcLOCbQ=&c=H1TSpe9hZ 1ulCPHGOLOUbtKya65XUIUPcfaPpetdwb9JGcRxVtYmV9DgUuSq0XEg1TVFN36wxm2MRCRvIx95PbiVO0IpZaVhGknNF6YxEyVms5azJNvVxr/OtnGjeEnBKaPsdckbKXaTPjVT0pZvA==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.tourcentralbundle.com/c?x=eNG9l U1ZjyKLsLGy D33sSwIjHNlMwYIHf0axAZoE0=&c=wG81p6EfbvVgq5KTV7pnBra7E5JYd6Qqdh0azR2iIZa3Wu5OoVmWCO8JNMEKbMcgdYSnUYZ0Nf/83zUcAyEHALJbdkAxPOGcxw5qsxARe5O3sgZf2PorfndzYIrfaLtB&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.packagenewsend.com/c?x=TyBCt2VsowJ7PPepxkMQuPAEdUzw93jTyBTPi4aMSA8=&c=uFt Lxxy2 wdS7KN/RW9F1O4cSe1ckl6My1QH4ln7nT8V6VRQtQdNo4A48UeDY8fNBJFeoSRPEIyOiAZBoS1DANa6QBgXCoecOev TpMMTWV3wtWBQa2IofJdx6zlPd7HG2oltGsWff70q7mlapdmQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.vaultsharestock.com/c?x=UnhzR0ufenhtEcvC4fnzHpTlpSbC3GFEJVL Km8jdTY=&c=89Kjp3Oxh2h1IhgtIj9rszoV5NvD PvCEHeqZPvWuOkjmQf3NIdgJPM/EvtjGI65fVbaQAo Yn1KHoLcASloqrgvkyTa/cyECXGkbDxw3kLoaST8qpt6C0MNAWRhA/cV&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.vaultsharestock.com/c?x=sf2u1QtAsZvOHMKcJmUGGpufYZ1xGu9S/61q72MVtOk=&c=tUWUsgkr7hREc2rQwZZvZk9AGDVIiRzJk/Km7ez6FeEDZ6ZAxoUkQaYekq0kBhmAqhbrVT87RJgOmeVOVeOr/8loIU6qaM9F9K5mjqf6n4Fr8FPq33wpmq7c2KXpKB02&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.applicationsbulkbundle.com/c?x=YU3iN3yXzR9PacxJCj/x46TVjFseh/IvcGjbOPCnyew=&c=B9uM1EDBFoArrviyzlobYle3qk4nSCt1HCdhSZ0YTY tMczbzSzoWjBgIcTk8WW39Ie0O0owo8I99gGn9mSiJWrijMb 5suC5tHv13Ok46 vc/CFjxHtLsjLVRkY4p7D&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.tagapplicationrepository.com/c?x=T7DXGBCPLU2jGef5jreMvsycjLk4 swPwE/AtgFeTWI=&c=4q2TdBYlrLA7UtopfcBbgPuhK5hGttRzp5GyQUnWL6rijj6oSYSaC9Tsn7BIv8qDSxZe jSpWBaywxacCY3Lc03lTBmmHMjXQrYsx/ks64eCYoxOkJ763JON4yjDfaUb&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.appstoursbulk.com/c?x=WNYA3FMe1AvAr5w3PkyOiDQ qLtNYtbNCEvf4waq8Wo=&c=K72slTGrWFRwCLH9lWojnRZ0vTifuayifSEurfRNkfuDft7HU1PIQEcEz50oY8yxDlkrsATAsCTkiKk76TM424Gik2zoPwO/S18hyn9OECGJRDr86x1Ao2 K05uv2SDo&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.downloadstodaybest.com/c?x=hLfnCwFSS97Zel80FCXpfXtFUPU2odakhf ZZp2dvZI=&c=EmCYbPQUShr6tvDYuf2aiaLHe5fXrQ7gmo2EkHcc2R nQfp7vqZy7enCZwnS/gxh iOZTKcScD8K4oBX0gJRjyrfcHZvyICusHp7Jo1N8VOvXpw/U24B6n1etu4iv8TI&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.citybesttour.com/c?x=L9hFUoLpzkramm58UwV0Re8a4 97IrwLuTzGrD4HNSA=&c=SmDIxbtXqbV0xD4Bvqlg6tB1zVGwv0cc4sGRilWkr9rSgV1KwtOWdKU8VJbYNab70j3VE6iycnlISxmfK0cqm5boXvla88GhC7Du6RiFWJFFbcWqn90BE SzHv7boHt7zfgmzx0kdGyaJ WhOS9RvA==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.vaultsharestock.com/c?x=aleu1guKCtpAzQ9TC4Ti/BqBnQkQ01dj8e4xWCcZ2uo=&c=NDezVtknXDWcip9gyVRqYGF6QOyXYoogfGAB8Zjq40173zVNDnmaOtX5yY/ J8LvPU1ZUFkTZr/37X6q4xBHjFS38yy8NMpUy1A L3YfA4OPNSVdUqp1/PKl8KumPAs&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.filenewconecpt.com/c?x=41lrNIgHXwzBMd2HiKjgKQ9iwxIF2jzbnFaa6DokSq0=&c=xLGWW4ucOUavZJyeorZiFInW45PJO35Z5fcoX6j qniCccZVY/OkL8f5OxYPn8WIMtmme2IKm41SHoXYqhX qqfs4ZlAgLtHWeIuB3o0lwndKNFK64fO0rMNE0Z6FfZnwpY9gBU aht8hwymL6C1Zg==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.downloadstodaybest.com/c?x=88yxDErhmXS8/MhoPTr0G8OWBrjmPM1MgDnqu5E9jRE=&c=KbPFNgDcsu/QReGgMnfQI8XCGtVgMRpDem68FM9YjaymnPQyCBs2O/X/oi6kRhHN6XGHq9TUvL0teYXRdUYfCyERZvhaGRQ0y4cekAZIO62WA85OxR9JgErNE2lI/g31&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.bitssharenew.com/c?x=JvIrgUn0oIQlBSMMxI8KS5EHW9Dn6tRiT77mQ6et3iY=&c=Hte/UbJIKaIXLioV2G/Fq1UtuNp2d5GjLQL4od4oHsNf2yPsUpOX2 LuI0hXVY5d1AKLSn9sNeoN9FRv35r9J14OmtE9 O2LbXAqd7ib8Q31JH8DVOvSY4D/asUt8/tWoKELUx5FGISOkt8POv7xww==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.vaultsharestock.com/c?x=MRn9yYxcxcbB1Vl5GmKKX4DyMqajzEBZC3gBwLsiWnM=&c=fHwoksIohe1mNTeywoyZau 23RFTw5Mh0LBWqaHnxeahUAaBfq0eT9w36hrDmrOhMOFVLhkGMTRq5BqGJff4VWscGx4Zaq4I4yrLHgNDreI4dVmyY/Mvl2dQmefwuXAL&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.vaultsharestock.com/c?x=g8e98nW2hc2qvpJhiNCyIfR AeIHJgjgdJP6a5YtlpQ=&c=6AphEIx3M4/iX5iGpDGoCZd/wbL5RzrYU0rKANkYRK64QBcapw9romKwPKGwtEUCwkYY6mGaUDa2l4UiQl/SOmd6a8yEsZ3f3A5TY6Lmez7fxrVcCdY7bzyvBgSMEeA1&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.bestcapitalclean.com/c?x=YcP1bWMMVrCd1itxIHlwsYzOTeiYtLRpyt5qJ6O6zdE=&c=11opDgIpLHGiUTIYE/j pWSXvIxKm3SpUsunH214eYX8RUT0ngA55FCIF0D2I7AWBRH/yP6Sg521gFleX3Qxg30 4jRAZqvWSB2DV8IZrAcWumW5YkVkr8JSFLBGsK4v&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.gifthostingdownload.com/c?x=yRm FOtkyQ0hVaqcg3/j0jTpBjF1ltNSSMmAYfrOZuQ=&c=Z3dk3zXj1bD9YoROeeJayEksJnDUZlIEcQpHV4ROR/3a3wHZHh/W5XmhDk1gsSj6zSRM1SRssQKiIrRHYL0NIva8zrTqSrJzZ71AY5mYwsM88lB6AaiS 5PW2JQx7mJWdggb EaSzywBHuUD5JqNeQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.applicationsbulkbundle.com/c?x=xRF8/LDbDnWsMTt/QzUv4bZnlgzx26afzAiKkaQ45fA=&c=mb/8/NdAPdvAOouDmDfz38a5tWRqsavR8sAafD7xzbAKlHa6mXkF9cS ZoD6jft59 M71IXNgOrQu1nYdaGthIN0 y6LPFpuqfJbz0wj6a4Lxd7mciIv7Sua0wgV3Dm5&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.worldbulkfactory.com/c?x=nKQm7K4o/85xfS3NrE1A5qzNyWVHtjABZDzVn5Epiu8=&c=wqHQKokihAjPY3WvUf8AHla3F/Cq/vEk/ImxG5WM5WM1r2e 1jBNkDajdIsSSOxVBajcEkpmv5jrHh0muzZ1vrXf/RC6HYAkv0KuB1860Rwi9W8gtrw7uWmXmwkeFbV0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.flashbesttowers.com/c?x=UMGJ3wgRomOf 96SmUrMPdlaZbYVdwTXLrs9U/dkZIQ=&c=ynRf5rF2/wyYIC lW3AVvVL5lWhRaNwuk/khpzuOgnqdnPu4R2juu7HQonilWDsSMOZaELYrKgxcoX/rJoJEyAkY3aAEU64O43ofecA U6/EQO4DAG6t4ZtSNiXegM58&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.citybesttour.com/c?x=fAM99zQjF0R/EFmNZK5KxlGK/t7Fz2cHDidJwGRW35U=&c=dv4jNAkgCUzmCPhZKZ5M12Ex/C36AVB5lvP6If2JQ6JwRNL55ZMDEO5EOQ4Itj9KA7tmf0qVARhCs4dlyGEnu3 1rZlgJj5e2u5QPC3VVEAJJAAAQ3L2SinjSQMVrHZnxPnPiDC0931jM YdJ8O1zQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.stockfuncontent.com/c?x=ZvPLkUHh51DMl8pUNjzjVB7gSydJWn/t6Br8hmgqn14=&c=l9UIpGuV/efE 5o1QCdLbYec1Y4viuqYSU VfAtS6dwadmXLXiY/MjEfls wsE5uJQ4TIwxbS5pAQQTp0TtGPoVsN6JlWaZS5GxCXI5GzAj21z/Ni03Vf7T4mfQRngyv&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.applicationsbulkbundle.com/c?x=ygUR5cfGFSep3v PAe7EOhYSqMLjbLqsEbssdkkT8n4=&c=Brsf4zKY l9JsPTighAmJww1c5koxHRFF0 3veh5ybvYa96lYa4Pn1RSWknIOv/9e7ZjV/qo8pXG8B8PFp1MvD3w3y1Ioz9DhB3xMl7yGgLhNzlhY/oq4pL7sefaGGKA&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.bodyquickfiles.com/c?x=qDLHBOwOwaThSZwaXO3TVY 7yfhCNYjucUe1Ghvy Nk=&c=kCIFIeJUeWObBIyPtzESt8s016iRnBoWnSpAmEkgA mTmmFcWGPbglDTloR486WAlz7 0BVzW9XAEIlW7nNivuzIHFF4m45mcqZAooHkTRi5zxHbbQJaXHaEnFz48Lk7yyd326vJ8fFLyucue1ML/w==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.stockfuncontent.com/c?x=LYfqXKQCLWmVexVLjwefeQnw13mAheW1ft1Qj4juOSg=&c=2vE9/WqaA98DClXXLl66SdaEHX1t4RGK6yB5aosl4em/UMBVbVi8BZH JrCStqqLoB7zvHIj/5csORJAXUePl/UvQk0gMEBwMZGKOB7UKppSZg4MYbNftz6F99LoIsqw&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.vaultsharestock.com/c?x=uA ABq5IobkHmUmN5oMDQvXWXTstHsT4FMbWJyBIuSE=&c=ONjyILs1fal/EAXo79rU8fcOKq9wlQdc4xH0HCsH1Xku8DNqokUYeyUk sThgpQFJ6pUo359Xpw fWuYdJjqhFhqa9veziM6D2rLr6iIlDX2laQq5AUlDtaTgYW2nPen&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.vaultsharestock.com/c?x=drrYae2rTV4gnyBehTJV1HhSycDAL3SmUoWwr/ ANzM=&c=xTfozxKUejMPUsbjSCCKP0LDKlPb Ojo2blX fJ8L4vPH65 RtRxJLTAOQRJeiWoZ51z60j9JRsHU7KYYpf86WedXTBZwnmsppMkSFZWMQsGj59kabz254rPZfn3ZGj1&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.stockfuncontent.com/c?x=tcsupDo8ovdpa6JjIUm6BGq6ZHfm7nHofr6twxsmQZg=&c=uC 6/duGkiHmKYsvZ5AbrVA8EHXoy2vW3ZJVK dc0H2UwlSXh9gPSD8eyQc lxybT0Qr4bPQpPYivldqtd1R6df4BSZFqur/SQd 188nl8Pnl3UqAuzWMkoyUwiM p3M&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

Latest 30 of 53 download URLs

Remove installer_microsoft_powerpoint_sciagnij.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.