» installer_microsoft_powerpoint_sciagnij.exe
Overview
Analysis
File Details
Downloads (61)

installer_microsoft_powerpoint_sciagnij.exe

Funusikem

AGORA S.A.

The application installer_microsoft_powerpoint_sciagnij.exe, “Funusikem Setup ” by AGORA S.A has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.headhostingfactory.com and multiple other hosts.

File name:

Publisher:

AGORA S.A. (signed and verified)

Product:

Funusikem

Description:

Funusikem Setup

Version:

2.8.2.3

MD5:

04c10b3d52ba8fe3b4f402c5e18265c2

SHA-1:

99df516e9a918cf1f8462bf920663b1070bc0422

SHA-256:

52705346ce60c3251b26cce6187f64aeacf8a9aec851bce4e6dd212dd0079ec0

Scanner detections:

1 / 68

Status:

Potentially unwanted

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:

9/29/2024 12:30:45 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.InstallCore.AGORASA.Installer (M)

16.5.4.14

File size:

934.7 KB (957,176 bytes)

Product version:

1.4.6

Fast

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\installer_microsoft_powerpoint_sciagnij.exe

Digital Signature

Signed by:

AGORA S.A.

Authority:

Symantec Corporation

Valid from:

9/9/2015 2:00:00 AM

Valid to:

9/9/2016 1:59:59 AM

Subject:

CN=AGORA S.A., O=AGORA S.A., L=WARSZAWA, S=MAZOWIECKIE, C=PL

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

615B57E3504C929E3B64ED936D1CE68B

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:y3mdjVK18l5wmIr/dcFOEw6NUyZOYBwBCoHH0elc:yWZV7Ir1ei66aUBVvc

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file installer_microsoft_powerpoint_sciagnij.exe has been seen being distributed by the following 50 URLs.

http://www.headhostingfactory.com/c?x=t52woIag WSKdQCRC8h5LfjtJ0NmgPfKRlqMx0Nr3Sk=&c=085rEm4rO/sYSR2r9l06b9KEdVIriDCxQBPC1WEWU63Kk1Q8OZHrt6OskjKztSBMRoSljk5FAS9n1xlx3u0g7qXuzpPGYoMLeU7QWh/5gorplH9H6rYH4JdpPe94KUak&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.universecleancenter.com/c?x=H48RC6/nIXBuk2oq TIUh9xbUrw294v0dVZee7yX8CI=&c=i7HsN4LqXSrML8AFmcx5veNZ0ymLzhYe8bSkdnn5W5qknsuMOpnxXyaZx8VQlJrr4EU74ze4 4o8eI/xFWmp/GsCu420bLMbMdz0qyfJYKZRAt17nXkZHvhsRbAW0Px/&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.contentdltour.com/c?x=n3CknK9MnmfVvpXy9kR5bTiU3jzDPVO7smzXwEMP04s=&c=B2qCGt6TJ0RwkDq9rKsNg0HbFnj5Evhc75qjmSbV73ueBkkz8K8uuUlCpBdFVqwW8pE8gCYhJP06aaP2XcPkMggTIilenu4C0r Sa1AZ7hh9HY9PsuM3DapXgDDZkkTMwLcNhyN8 Hny XVxN8CEhg==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.deliveryflashpackage.com/c?x=Xan7SeWxrEqMm0p2EX0HTelv6D0BTBRHw3BzQ89pOfA=&c=xSclupz/nTcHU 97d4EyhtsD chvIWJLuCqhZlbVMEB8EFUHNdPc DH FIBVyMXltTM8LTeKHyB6yoTnB0CjY/PeO7PwRmhATYEfXw7ZZR6oUAH4QpB3Sw9Ew2TzgMC6wm RiLrb10JT2FJQ nvdsg==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.applicationcleanbulk.com/c?x=R4y76CU3MlJwavKd3zwBAcalBa/t G2W1j1CeE4tY1I=&c=GPsIHZgyqe6jxY34VAvmunTUVSk1CK6Qqee9f4dGnQw2EzAFaVKvXQk3bu0VZswivfl ANS3dqf4Qh QcQJwdyKCGoqtEFF1ATtMYnq2invw/LUc6Gl7hMqrKE9L6YdCkTAQODe7wPW0MU711pSmTg==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.flashcitybundle.com/c?x=6 qkJHm6Jpmt2TU498lYgPXBA3nCFl/HZ1j IfSMMrE=&c=r73wwnuj5qobBUJLuuEQ0Lw/pV3l4MVNDNG/DIGmjIEzhXqOFG1R1APPCj3lR25lAyzjRZx1VaSrdo8Cck OcI9izIHFuYgb5sbmOu3NPnLhET88kIoiFxPd3fnbQ75g&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.towndownloadsigns.com/c?x=a5v8STwQgVAxmzsRsNLOu3hPm 7k7eICZ vYMgFb194=&c=MjnfJ3nAmC7CANDJMOz6KcY6EX2tWsD5yujTB8wqR8ns9iZOUdW pfBRtdPSSUuZ363RU36HlphGwJO6lSMoq4etaJYhstfRBqMkJc5uZ6jE3ehBciI8ejqKWD1Cm4HmpsV/pPO5CCAR0jwaQtjcjQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.universecleancenter.com/c?x=r euoSDNjGPYfh1uq9LFcelo/XOpPi9tQvFxTeJxNQ0=&c=QRN AFg6E3BF3YuXh2auG6 bBGdKJz gSctYy5OWxkxdhF360Quc9w6Atx dnHATy1vd5nZyqT0244WqcHu4Ak/xhvICafS5YuTUz kEXrXSf2zRr6cmTxOKg3swY9bx&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.headhostingfactory.com/c?x=2cmMQXz/L8m8qLwJ/IUso7V mM9wuYdNNpeZO2bmNV0=&c=K1T0/KrNymkAh2g71WID0oHP1tewrtO3iib1Sd98bC8A4QcHZg aM1ABMK23D1iqcPBaXxL2adjvLAfhU8ZeYCYOI9GXhmY9S2nZvey6qD0Yll3KzxQeAw4HdsaAatOd&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.hostingranchbundle.com/c?x=/b4giMqJSErlEYrLbuKpBhdlWBIVRlfoyW8Ibb2i4Fg=&c=Om cbvklrlxg5fnxwEzhxJtyXVB5TX7zcYOSgHlEq5haDKQZgbgovRjspoci/qwt9LLFdfIChB3S8oMgtGb134 UQtSVt7vjqKNGs0zBC36SF7KsLX43tqRA8bYTpfbryNDjM2WS 7wA9spOPtXS5g==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.universecleancenter.com/c?x=Wym5Q5oiEUeXOOhN9j kJXreCERQxVRI0EcLxtYutDA=&c=HbwDhBFIC2xPc5QD6vxhszxPUAyywMCZmR8a28tPs6YP8yvMsx5DWGmeMZMVkXBeBy57rP2xmXWFqWFgDNHd4CtH1m4FshJwXfXkzKDITYtGGUPzjjzwFbEED1iAIfOs&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.bestbodybulk.com/c?x=VNnMqlMw9dTBEBqo3rP4huHyg6yVKfJjgiYrw62lZwE=&c=bCKWVyEGkZQFzMvzEITlvVFacIo1NNUuPJ2e75HhnnrU29tLsO4gaBcaWvGivxPKqLfjIRwQwzaYBUoc0isxUXn35qNQD91PAIAcU8Oev7Hskwjbrh0wTsLBLIkdQR4 VfaFs93ZVSd84FWsTzJ DQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.universecleancenter.com/c?x=MLkE4TPGP9SCGD7qMsqwPAw388LKBB028IY93ieNH3k=&c=k4EHszo0 HiW9bjkoQqOBMuBiI3GYmYGFJOIpQB4nuWJQyCuKu4tnJRu/sTV9xMpa23PniqG3wkFmuGAIvsL5DTNCMaitNAFVsK4nTy4aE8XfJaazdFUbkG GtuoMNCo&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.townuniversepresent.com/c?x=M5o/KTENCTCRSXVE0CWj4KVm7 8kzJn3HkfkzxAF5YY=&c=sRskDlObDw2RCU8KO/cmsm N1p761yJd rgnfVhw7xEPHQX0GMDjyq405m4QdEKPVRVg9BpLMTW yVADcbeE10u7eoFsamRvssxJewDeR17zDj3EHH1/U2pd5Zhw4XGViTJbJzdVlmt9PW gA5FTrg==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.contentdltour.com/c?x=MlszkpIOjuJlwiV/nLABE1kibXQGZQS/uFXebbwFcOY=&c=3UPnzeFQ/D4EenOwth/SbelJcExhC/SoVU/nR12cMv/rYwjU6J8/rFGX1oQuKa0zKAx0i9hwtP70/N3CnOxQFcVzDTMKBXORPKOrCKJ6RYIBC2IWo9J2ZMJB3/uYGeV7Z53KQHct5wrNqzIR3v/9FQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.headhostingfactory.com/c?x=PZoUQxh56bdJZ9vA4AEp/Yep 8N7Nm5Uiwh5kSm3DSc=&c=3f1cndoDhK0DT8QySdPxT9hf2NcoH6rd9fAK6rAF5qdzBmuki/XfDLLCYNcL1Wp4Z6Syn5wxHvO1Uohjf bbbhWzBC77Ig/sH/AOhIjc4sMvGRs8T7JKqr0QCI1Xt2Hz&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.todaysharecontent.com/c?x=1NdsiYhneOjR lXGwwnIrVN/d9Gn54moBuuVxZHYzZo=&c=CFw4LMXOxSmObZVoAEINoS apJqcB kv9ZEA8HNfXVziE5Wg0ZlADv cBeDJiMnoHTyESQ4GOURBmgpblB3w nLkORKdJPDOkHASVucfd9pJZkkynTivdEKBR zj6GKN&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.flashcitybundle.com/c?x=Jmni64b2cCCfoIhnrb2CNplNt4NbCGMutDcoc/QYO2M=&c=G kY53rH1o4Fgkk4Sjdo2kVDLAzW n27f H7n/r45aiMqd54oSrcoJuJ/JiKkOVkIj93nhXImH17r1AOm/YR46daDrHBQVfCylEwg2UFu3g/6O1bBW6JGrWQWQ6aYWWI&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.metasharefarm.com/c?x=OukHDl60Xc/Xr8xqEDayAKDdt8cZA15oU0keYkAfBh4=&c=Clis2 Mgl7C6gxl5nrR9n0ICDo9ArjbI/1VbhoGNYHeZnTyCF7OuksCTvUYu kuUnXQaEvpFnYNR/jzRivxjStprg7YB39PdaHlWIumn6yY2uBhiuXCfJlJSTqhdUKNdKQ2yqD9p5zUi vQJnDOTlQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.applicationcleanbulk.com/c?x=o4DJQ39794vf2XVDjmqWKAe4hRuX/Jdb3vyRVEjk3oY=&c=V uirquVKErMY3ALAIh9Pl7kIPxKFJWxH9C5EGpmN0JH7yFegptScVzKvHxAU1w7ynn1DpdfKTL3lAA dlMhlGJJjlvawEa F/DO4Ywkwfl9/kfvVpUTKY7fY1rtASm0A6jvQMP U/jynePUtlPJCg==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.contentdltour.com/c?x=Ud1tMldDQbvZ/MUqrNkJCgodhNJO654nmJoSn9CsZQw=&c=jAJXQpmmA6GatOC0pty4AfBYYNa0CzdxcfGm4 zdtriP6B8lkcYe29ueApZ/SjmAVv xAIQNF4Ucf2ml3UMa4rQVRe70vnhulnLkMcHAqPcBtYQ6JZBNC/KeAzFBTP/qGOChXsgqkSq6hgweEZirEw==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.flashcitybundle.com/c?x=RDsM2T2ZsqzKNT9gRN4r1tBSAYF8Cg0LEKrqoIesdcU=&c=a W7xihTac244uErb7TBEEVpKNLhY9veNaBerno6LEPIC4AhJpIcspzlbVbX9Lb4eJ97wYmTK3/l61lD0MCK2xCVjb4EI49k1ZvBee4JkGPhhgnnD7ukVzaHnITaVYjt&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.contentbytenew.com/c?x=IsERSHFONUwPM2E/Dr5FpzlrZ9s8FaWQV8JKxsh8viI=&c=l2OMFoYMEGzllrby2dTgRzQaxjutWhvxfD9uUl8uw6Lvdu EmYYN22GQ8xO5HiJjZME kpZENi6Eoyc90EYZK2Nt/KVSs oQjcvB8mgAgsOZ1c8cf0VdN6CsjxQSicQMa1W9CkRG94ek9LRK6A0T0w==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.flashcitybundle.com/c?x=Hb17hNa5mDuI6RCqBIw5e2gzfFK89N3d5gdj7byBcIo=&c=Mu6gVp9oRxMtpdYGbQ8X7bpTD5NgPLkthEgxw9GYG9wgrKwuOREvAjYJ06r/UkTWzobbL8Nrg1469iFLa1nicw7qx/PVG9mtP 05N7 Z3 VkQv nxPVCFZHbQQjz42b&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.downloadstoursquick.com/c?x=spdiX5/mEjEpOMK5JqvnD5Z9xa949fv7l6jg4SGrXzc=&c=B18dNm/z6Ao7QS8qmBl2nt1HuJISd24rEGTrF3TxYeK9GIUEGyKKaQfLQOdGjK2MCAXhxlpBxW40u2Qf0E05BBYU1kowvz5Ds4K3ioKDcgMl5tXl483hz07MC8I0tmAnw6x56xGDEclP3NiNnyeAAQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.metasharefarm.com/c?x=5OZX3SLTWy/PGt9VKo1VKuulx86IU7mw5DyYM1jvc9w=&c= XlIUVOOpzrRu35RDn9cNa6yZKjV02RR6qSpepawul1uWzQWbyhqcX844hw 8JRlmjU84BAtTPQOKeV9ap9akYZybJg3Ohs4rRuThiRgn7BmgAZbONBbJCUUzFWPcaewohRtf6rbz3ys46s3ngb7Qw==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.bestbodybulk.com/c?x=0MGPIat9vhzqB0qrlIXjSy ij/oJ8k8F1ojfo/9fBe8=&c=7BNyXCl1NB/CBBlArGyhq9lH7ECSt4Rd6eN5rbWv29UYeptqHJSfSSMpzw9YJCVm0hshdClsEyfARusdjnecaPCFAAI5PR bPFwRVZZyr78j1j/61h9iZBpivxloEPU3S5CwZPQMkypt7uF5Qy4TBA==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.tourstockheart.com/c?x=/gyt82m4LhMw7 76/CGIEGgxudjkcEfyDo5Vc6d UA0=&c=EuRxxOhK7fKcl2WadSn7rKTJUlqRtd4acT6/r19GXAxyvXB7KgRqTjX98eYun1ozrPKR yR9TBJSj3BILZwhKLD6VRfsPUqs7qBR0l0buijpVpEWyQOHa I1v3A9Lwnn&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.downloadstoursquick.com/c?x=leAvSl13JRi5bDUCUHkG5lWkc1f6mp5x/xx4X7fPcZQ=&c=Ct2j3Hxl p3qb1bY/FqCOv2Ogmd9y YTRy2n4tPsIHVoaGtrDIu EtKDGMm7ae6qisQkUtOW0 4sQuK0GGTmkn9uStCciB1kjl9QaPKXrZyIM716kKqcecHKvlaMHl5GF/7oqCNpMR3M7T2tTkhbGA==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.applicationcleanbulk.com/c?x=hJBLArJhRhISAOB9CFTZcMSwtv4K5GNPatZuKHysoZA=&c=DnnDCzADExKHvHSCmq5hicVnECJ89jwy/ Zmj4hJlWtRL2nNxrt6XERyI1mJvZEQK66iUtyhyLKpDlqE0as8gmbziHZ5Yj6Np5E1 2DSxUQyS9HwUtpCg/VjOCWt1pKt705sDAi6QKFhCemoC14fjQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

Latest 30 of 61 download URLs

Remove installer_microsoft_powerpoint_sciagnij.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.