home

installer_microsoft_powerpoint_sciagnij.exe

Hapoc

Delivery Superb (Fried Cookie Ltd.)

The Fried Cookie installer utilizes the InstallCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application installer_microsoft_powerpoint_sciagnij.exe, “Hapoc Setup ” by Delivery Superb (Fried Cookie) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
Delivery Superb (Fried Cookie Ltd.)  (signed and verified)

Product:
Hapoc

Description:
Hapoc Setup

Version:
1.1.2.3

MD5:
f45c88e978b3fa4feb1254405fa836fb

SHA-1:
f384fbc396da4d55b57c8e0fa0bb84b46da41e4d

SHA-256:
d5480515024d674d1a9029b0d5bc60800b29c03e1d2327adcd5974d4731e53c0

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
9/29/2024 12:24:40 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.FC.Installer (M)
16.3.18.12

File size:
1 MB (1,076,448 bytes)

Product version:
3.1.0

Copyright:
program

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Common path:
C:\users\{user}\downloads\installer_microsoft_powerpoint_sciagnij.exe

Digital Signature
Signed by:
Delivery Superb (Fried Cookie Ltd.)

Authority:
GlobalSign nv-sa

Valid from:
12/17/2015 12:59:53 PM

Valid to:
6/22/2016 4:54:14 PM

Subject:
CN=Delivery Superb (Fried Cookie Ltd.), O=Delivery Superb (Fried Cookie Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11211DDE033C8F24FD358ED7B6271AD4DE2B

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:lrJ0sYhNlI+B8Q0j3SxuQVyQPGCBU8I3iSsc7tHv3o0bDMX:lNHyI+BKTQPnBUzV7hv3eX

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, BF, A9, FF, FF, E8, 5E, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file installer_microsoft_powerpoint_sciagnij.exe has been seen being distributed by the following 50 URLs.

http://www.signbinariesfarm.com/c?x=rg403AQhwQL 5gT19ChCXRm 5TKPuRaVnqir6g5J6WU=&c=5RFbZffegEzXAhNZUCy0NWbY77RrOC7zGiUahu/dPAIAlMZpCfpv19XGwVtX5Cz2jQH0ltYvFjfRr3h9dp/qNBFQPKXJH60B/WqQmCctP6HORZp1ax4tiZGEmiHmjeFk&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=c dDPT JYidcVfkmyd0N0Yz/hVwRX3UGSThPPDvygMo=&c=FbZAT5EOu0B1W6C5YrXyLWbD cNZ1iysh NgX2wCVCk3O AoS6NWZ7mvpkLFvABBDXLsmPsb3W0gOaWSSY6tnL4rCqIuNZm2Qq8kBNsvEz AVF4xTnngvHA 72RYyoZP&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.flashbesttowers.com/c?x=OCVX6MFcB2fj9m2ujRaafTgyn76evmmSAVX5NINn8/w=&c=nymFvD6f d7cRKae09OZEoC 8FyuDgZ5D 6rKlGa cn0hS7j95zwTRGD3//Lts7 Tq4myvmo7DLyIGQYKL/iYHmO3esjFCkGwkdgTH6DlkwH3YEPQKyx8eUS22qgOIRW&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=y RkFMuvUn6vA zIDqBahOyR huqIWMD/iMEvNCoH2c=&c=sK3WL1rpM6qKNzySeIbcbYREc2/cXY79kBfvGYuIis79IhjiK81N4EQ4a9Db3cP9hOQoC6zBO7k0nfGrstc0zAtQQSF7A8I8BwCfFXcQEviImMw9O9WESfAywJ qZYQl&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=MQ/5/x8LukgmhDuJWOBiADm0Wopxbgdy07gI89ZtaOU=&c=1T5reykXdlTqUL/RLaaUvQJFLDYz2wFkzBUQE1yGnFg6oeYgyzSamimQho4SoZrLHKCLuTe6k26yFHoPFsi7Vv19HBWEAOtstNFOgaKdUpmslgjedA9uwx4fVXN/sjhs&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=FhyALGz2PkCah HZx 0VeSZx9t1Yi0wJG06GmadkGkk=&c=1CYaiN6xWs4dZ9qtLyn9ZMFDiPbEohnvBVVGuRbKgUcEoaCpJexWanIgEqunfOc2eYkZVgyLg1jfKTkKywjD1p9AucaNWxCyDsfiAGL95qzxrkOaVKMoeHSppQ3tK1hz&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=XqNzYdwlrHBugaYR3cj2XEEo84NGziVFIIIq43YOAsE=&c=ndDjcb9OVp8cEYqmGfLqdvLnjKb3ghSI/ ApAaM8cQSBo4Pqc7ZqHgZ87v/XkE25TEXdYw7xDC/ibV5z18yp0omvK0 bSGo5IhqqM4aYgkkzINg2CUbgYc3Hf42OXk2V&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=9aKBYCuW1i75MM3M3QVdH1S8XjWJxZ3H1edJ5HR/ZQ4=&c=9QBPjF9ZDsIgUjxR2ETshpcEoe GFi2iO2 36LkPaZ6s2PNvWQZTIh1AF6fr24jLqx6zJYhMEWreCIaUvqPOkHtic0n5iKbmP/XrnonH6kXSFyd7 2WPq 2VARbJLPX&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=XZTV7eO/JC/65o82OH5goTp57hpl1NGq2KrAvxSeHmk=&c=1lvdgs jK2ow3FYaii5paeJ6KtbkRf6WsoCPLZB051pdMAUicoO3lpB3GJ1Se4yYzmKCjW8yvco8tauGFtMNNLpCt2qoF2pZTjrn6yhqlDJY6mQ6xmYkacBqYGMLyaL7&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=/VhnMkdFb8mv6Ec3XTQ23BgS3pjnGM7BJ8/yPl0yaiQ=&c=Do2U3HX67RrBkh3jYtyMvOmORO8R2stgkUkseyasgRr 4s7eYpRui/somKxK1nGLK9 qTcrRmSOHGOWUqj6J9Wa7l EFTaCy408Xq07Fb8EhjGA31nd93a9oR6KT3pEU&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=hxtft7YmVP0bLZHiGAXvs4IdpGjCMOJE6KE N8ggyDw=&c=3VYFct0LRNJ84nfAyq MDh4pqSTkW9RJ9iKS3awi7v0d8kLr88foTTI23LQyihLRJColjDvOvjxf/t2ZeWnZTGMGlPVom/ALpIyZBi/4EXRGUtl3zh YiwqDieLmbo83&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=VP6mU yTVZTewU3C606xyODzAe9qTvwn7ka8FOE6as0=&c=s7yISYcsRx5l5 rfQv0/ptVvTdD9mhSEKFZXRVmXqPvh3NNfoBcHsghkKMRTDySh30Em6C5oVzXBxD93azioRj5wEZNpwc2NwBYbl8mf2GEGyrecXpfzpTkjViJw4XRC&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=sQXnZywnpl2qKgxmn4rUMj67e56c4/2YAns2QsaTn/s=&c=9/pVUhdZII8tpLzRKop2K3tlQM17ST4SPGB7LVyMItvqRy4kTEzgHrf0lzrOAuR4HtMgPa/AqxuguvAF8/NtJ vkWGT2Rgz3uOqo431nnEZ9ivCWa559iyUhtSZ7VYyf&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=ePgtY95WyfHlT8M5FtelakLfAWVbvRiIp57SDAQsAXs=&c=akN2xuh5zMw/vOtAkXsIyug4sWKTjIOHWbII35dmRgcVXX7jMyJltw8CoFSWppkMSnT By WKc4wCjColSwl88oV 0TUji5G6dkhu2jMQUge4GV0JeLpr7V3 JsERBaX&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=YUxlXUmp85 1P HUWyflDOsOJBIIzxCfcksph6P1Svg=&c=cIKDY5/XDQCHHySMhslzayXNI9khPpu pR/HKW5Eh8NylhmeYp2Qd YKa7J8sdwF Fd9 YxyqR93qJNCLlp08cJN4xWdm pOJlWsvseFGllV/c0FDONrkMQiDhXkqTPQ&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=JVwbp0VwVbaeG/QSDTVkSG7Oh4Pwayhn3H5JQcoCpeo=&c=yTLfiipJRTRFEYk39XufBhWtAGnR1VSBMqTJKHQ2hXoQD5FITBdY0SwtZhCVRMUPkwY8NlLvY0fXHK7G9pm9euortruJVP/VDHqsVqYBj5 qCjt r70oyvjy W/VjzET&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=040/1ZE9IvJVhO/2rn8e48D dkobELEPSGro1V4wrYQ=&c=YU7R44A 3OYsYb5nOuUzr5cqCc3MPfP1 hYR7Acz1fzgbpfXNohCt4xm0X3zjylHuIkQxH6ljGKyv98VVR34J6J2HQPP37NuKSOxKmwDVwdNt1sMXcfiSYsiEx93dVIR&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=oHb0oPZzl0E/wEpM0ItmBCMi2U2QTrEBwHYkKKWSs 4=&c=P6FX9mk OhpJdgo1bVzfITc KTYsfZQqyh2elyG6 wP5wg4XJ5A1S KyZZetOcY1FOCplkdkWlMU3rHWMAfief22D500CCMEGviZpoQt/02Ez4qL QP 1p6EzPL7VUGa&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=sQgNnS8JEsJs78DhxrZHEDb91wtRU4qq7o0zCO0L42g=&c=cf64R8aIKVL0jZFhyDRnf/qaxCaps d1/tUglUDNPlUEqeQgI1FO0so1SMIyvSHwR8UV6JYUpxStWT3Dj4P/i4OtibCu21CzX3WlunkQ Tz5LMyki22e8VmO5KEiX4/p&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=BycRQAsmjG2Rsnn2zq1afiCzDafiRrn71PR esXkHNE=&c=fQTBnXg vNAa5IAO lfxSFsgiFe3gSlbRPDb76KNEGGUxIhknSIpOkeKwUPC2nxcC0kbVpZRgmUTom9a/NV3OsBiOaGt96VoRZnEZW2Mn5a4DlPemGgGmEUgBNs56lT&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=lPq1GbBa8FNWdsXC4RYBDmy72 pxiAeyu0Kda/exY/I=&c=nnVcooVP34QUyISFPSfPGev/McwegqaVPO8okA8hlDqdkmCRUXsi5r9KkLvyIXEjzHtAU5XMUjdPeJyFr9lgnSnxq50CHXAvw2VgmROTFiChDkwiZC7p2alLM5znnw76&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=h5ceElrkK0McL4hFoPwDweDBvoPKRkckn2rSBrVhzvY=&c=fuZg94FKCKdxsUdR4yZr71bZWOpNSY0Mgasmi7fnPAzHqHPxgFuAjzqeqL bRlU4yHT0oOF17fx0khvbGj2GQoQUa0ZRXQlD0rB1yFXAaIK8R/ ZBcZkGssjQxHmtRs &fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=mVt429yP xGG1RaG2J4YVuIZYMvPA2EoT12t19h97Zc=&c=4CRLMbyvyT1SEFBf/foUxpLI1MQWAJ4a7 kfb/8FMJXXqiK79XH0PSlSx9sDcJzRSprXC6EZwLUjCAffTowRKaqcr6HWR2kAu S AfyJzbcU9oVgit kZ9YlGusL0RON&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=TUNKSbUocSD1jAMBWpZwUyhZPdlq8Ce6Pmemsf14JRk=&c=EAQVwzLdmeVsHt OnEvmS2AyzXWGD0snqIT BIZK2Zx/ gDLnGX1JTJbQOZ3AISSbYN6pm2bH7H7F77Kj3hlELhYz/78bE3NAOrcUoF0AvBIMP8mxPC8XrSP22OMh9vl&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=2Do/oqD7w8WOEedjlUmw1qqStQQeREVuxiqo3xnzqv4=&c=3MlkzpRxinXku8CtlBXydKG/VD3QodpIRwMG/Sw1ETiQ2JityonYMfDpJJI gnlyiEwiRYZrDxcQOk9F6/fVrrj5HuXEBYGZEA/GZy/kBoZXN3 aFUitrT1HXCAjR9Tj&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=OSVA9TvJYfZhk zLJiHKuMmF1Zx49vRS7ueWppluAq4=&c=wExxdm/G7uDnDD0NtovDpwC5rwZzJoR4ied LPfdQQR gzFezXsKEePQT0T/A93KjD25pDIqwUKnP6JSmQp8afHLup0FO7KFKrQK7G8zY1BRXg/dCSkYbvgDZOuiyTEX&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=LGdVmZPzLpW1vHCB6xZlPsTJ9Zeq5jLMk/TeImIneGw=&c=6rdbAe1iM2CNVPq3gqhb7Tn5Y hlEeHivxdlyrEHc5ncAYgI aeToFgmez4zbhI8pzjf7i0tWSxCcqLv7DogDvpHvfWKLdWGgKtKCdn2vRiVArIMbX4nyJb6 YIbnuZ9&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=x6lS32fKi3iTcnLo5mn48s2ixsidm3cz8dYGcNWjTHw=&c=fMpb28XtZJLWdKHjD7VDP4hU6OPUKnzecH6oXBDlhwpk5TUlcWs/t/GADMCk 1p/LdxqgYvVRK9wbmSM4Bv9O2PdAiPGfdPqwbv26AjZyl3SkjS EUfpRLTJSz4UPNDe&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=RcrhOg/44JzWcChYNDhpWCtio69FwbTjE oz7S/CJkY=&c=i8b1lU6uOfOBKQ8TFG4/xuomcm/Pp AQBsGQsYe vbUQO16VOkV6TtAY1r1aoMI0xVf/miS4zqaSAeXZmpOCHI9gCpj6GnjqDbZbgsKoA7wNXnF3yydJDhlr2pSnALOg&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

http://www.signbinariesfarm.com/c?x=g5 Wd5OO/6 qRHnrq7FyucPS8VZeOK0ZG76oOuIFa44=&c=rhpdJJn7e0XerTbO4BLU tem4zsbE6Xzda0SJ5hua8M/xKSURn20fs26pNcqQRwBwoRsXBixRpP4Sf7cpH6KAExoNzpE20QMtHqssWXJYMrO5o7N2hsOZ4iBFRGqWwQm&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe

Latest 30 of 276 download URLs

Remove installer_microsoft_powerpoint_sciagnij.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.