» installer_microsoft_word_sciagnij.exe
Overview
Analysis
File Details
Downloads (291)

installer_microsoft_word_sciagnij.exe

Hapoc

Delivery Superb (Fried Cookie Ltd.)

The Fried Cookie installer utilizes the InstallCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application installer_microsoft_word_sciagnij.exe, “Hapoc Setup ” by Delivery Superb (Fried Cookie) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.

File name:

Publisher:

Delivery Superb (Fried Cookie Ltd.) (signed and verified)

Product:

Hapoc

Description:

Hapoc Setup

Version:

1.1.2.3

MD5:

c2464498e899e8a200ba541da10932e3

SHA-1:

42e4866dc9f137478407224f24480c9553a9da0a

SHA-256:

c190e7caa909b1fdfae1b6f853de03b48a90ee93f518dddf345abe489d434b26

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

9/29/2024 12:20:36 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.InstallCore.FC.Installer (M)

16.3.18.14

File size:

1 MB (1,076,448 bytes)

Product version:

3.1.0

program

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Common path:

C:\users\{user}\downloads\installer_microsoft_word_sciagnij.exe

Digital Signature

Signed by:

Delivery Superb (Fried Cookie Ltd.)

Authority:

GlobalSign nv-sa

Valid from:

12/17/2015 12:59:53 PM

Valid to:

6/22/2016 4:54:14 PM

Subject:

CN=Delivery Superb (Fried Cookie Ltd.), O=Delivery Superb (Fried Cookie Ltd.), L=Tel Aviv, C=IL

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11211DDE033C8F24FD358ED7B6271AD4DE2B

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:drJ0sYhNlI+B8Q0j3SxuQVyQPGCBU8I3iSsc7tHv3o0bDMX:dNHyI+BKTQPnBUzV7hv3eX

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, BF, A9, FF, FF, E8, 5E, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file installer_microsoft_word_sciagnij.exe has been seen being distributed by the following 50 URLs.

http://www.signbinariesfarm.com/c?x=CUoiTkFNrwIcGg6BkYiLbrbGN8DKW UQ8oUlGFYUODA=&c=73iTO8ih2Lf7FTXim2hhlg0jIzgEw1 /hbMG3H/2DkZ2HNekDB4eNUc0xXzBN2NMlrC18IU3q m3VWxpmAW UmPf3b307AemhiPr4UAcSJA/3f88PuH3zFPXRaxJT2Qe&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=bJ/Wq7ipHoPp6zoP1979f1igt57C3g7wbfDz7AVKuwc=&c=b0TdwvTvjHuMD8INObPWYWtLKd2kqYhYuzuBJNZGsouWOxo1A9RqMFhQk5paCh2Z84mtE3GjSfuYjr7fezf2bEQi9X3pFb8Ug4A5IW8hrlJ8ZsQDXwC7 KHajPVzGoNE&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=qPJFapObqTcXHNiSjqx0VJg/oJ0legyyMByykNzYwSs=&c=SZwOwTOIeE100CxvOgL qFDCkk4LZ5cvYDbtb1HK6CM/v0mv2jrLiipLPzP7YT7 fWqvCYMui6aTS9K/qafN0aj1ugTQPhsHnPD7cfBTm4c3qoUPfFh MTT2MpRQhEUI&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=73/wZxwEdeo1C2mWv mQ3Q 4vcVCkTgYlGKEahgphUc=&c=i3K9f4Xwt7GdZUcjUFvYIGr1NcLmLadBFIQrf1kKRxcEXuWJELw 55H7JB4430n900SEZMUjqw3UyEirmTmRTMwl/Z8u25uCw7p/48y1nM/Yw8ejZjhsFhFIdpm8l015&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=YlPAUY/7kwy4k CluRESRA4CQ9Bp/WX1O0 iMLu6Dtc=&c=7CXQ1OKp7PBh8TEAouflASybHSZAT2ZOn46Vg1jTj NMZH4grhgHXGGiiJ5bLYgy oJOdMUkC0ANVTEJ9KweT6dCZyv P8h1FSlZiug8s0mK4yMs9WksSpQUBMO/KxJD&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=X61k8 YVvvAE eFJ/PiGqqrOF2W8t6GiLxxGRd1XZ5c=&c=I6dUHjOPL59Nv7UxXwy HLqQmiLizcnwFXor7BSfCX BAu87Zl3jXRjUG7Mo6dwRzBqW/OF8OzDxIy7ljL7exiHoBkQDHSGgjyg8WL826LUv0HVhEArX BoU5746j4bC&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=Tgrl5itlPjzgstf1uu08nTSf1QdYBgAVXB6kG2SPXE8=&c=0RKpSeGrpF7Ndza/mBdJie9eCWiN6NT4thTNYriuoDZmJVqbVxsWje0/cT0BBq30oRMX7tWfIlshBp/BNfmXP5ynzs/4LpEx5cmvuFl6Re4CuRD1eHHrmi5mF55p7ZiT&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=d4PGm/DfiFewTsgRpX53xZ346DHWnrKiYyScdhcfoSw=&c=km6CaTqDMbWkHLg45irIR97sh 1/RGtR5RAqJM4TvDQmH5odBWOS86hq31bqN2pbjlyWsu/F3dMBVG6XfZz0kaOvot9iE3yIcM2APLDCPJuRVpvBdRO2Rje1zuY6mhdl&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=xV9tYAHAt9OpsPd0kOMm/jEC9wyd98y8JmSjNg4z/08=&c=sUglJYywjcHLarFAR2aALut3XuCkM0DDDPJiIb/SYvsNX5B sMJbvqmZFz6auhsmUj3Z28bYyB4TVkWhm4J78iEuFcPS m/H0MUD8TfwJ5J7aPFEyDzuiMZ/L cgUh4H&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=6yFw0sPuwrp KSue2POXa3PJZeP V5K6xLh5QY6v5uM=&c=wKUX7mDHCHIpfdCRoLfVopoRlwKj PuNIe2pGK 3Y7XHBqLwo5/kIN9zNY6SnA2cZPTAEYb1jwl8aSkAWrT4l5on6o4/BN3V tck8Rpt5UCRb3POBvEIhgP40IkSsbGV&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=zeT919NTxcIZPw2JTPDQRdzHGj1uEPPVXkQfjeR4AQI=&c=RNt00O61vrNXq/gUpuEzEPlDyuMbX8rlNF/v6eXHEREMYD97e/UxvuHeKQlEnFbX4a2dVAc6meHNC9WA3WPp2eu0SIp0KUCf W5K0z4GEKML2w1g72wAY2Sld/biKhE0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=Bua0YevCZja8S25NfKhECzla9 VW6/ hWLhh0YY5IdI=&c=AzqROy0ZGkSrE370/ dWacgA5JA2skRgRfyI4YMZKaIbDkqem7ng IzEyKBXBFGgOpD9QyvsKmHAVZOWzg9ED8ZySso8IyYZyvS6Xcbrc5nqFpfBG1x rKbeGlyhI9Aa&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=7GBpEXa4jqefkIPdAbpPeED3/ayPrrd9DN0zOb6BcoY=&c=wccd0sgJ5HvDF5G nbIkweqWLHHRLe2acUqznVZY4PG5q8fgteJKNdqLS8fQ2nkhWgkSw/mlmr8B6pLPNOoKJrofawUP2ptuu8skmGvxkR3PQnyCs6Pvrx8j3lINb5se&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=6Z4rYhagPOOkm9fRQvawk9WNkQrgfKqo0uXs1rpBsw4=&c=dK5HkAFfb9DElpUibQYMDrL XtkB7sXeDhMXATxeYIYqmQhO9wDyJXp5PJ4ccxaa5M6zLH2WRpFMg7HQAo9PB98/QZQIv wTHVrUeB6 okF 7FP5EXuej29LMd230NxE&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x= QI7rL9v9wUpZuiclbLiKmP14vmSmFs2GCMkQJFVuKs=&c=YOHtXYFBFyXdQ2Hl8FM87iwXkVn0MqlnP6DS/YnuTOH5Jg0YEO08faU0DqZ5tN8hXXsipA9k wmBoq4rO1UcwPLDwNTL5VM7wyDgeQCw85CErEv0LLx9UK4jZZ0EGIEA&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=wY8ZBOgi9 P4Ah4OJuv9DWWKFcXbxMGicV1 XCNEYhQ=&c=7bEuB4JMhDlBc2jPg8CqEKxKWkItIxzyZBiDykjapDGbQ4b6VEn4fApN7h/hUy5I7SmvO58GhwUaRKjGEkVZ3KkJIhSIncgkyZrdAb7kL//2hgKguMfgaudrYe MW9Zq&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=TtIZZC/hFFISTMmB vdPhG/EgqVWeQIPS5SWhvRPkBA=&c=Pqxrvq1qj5JDtINHurKlWg1uYCiI5JAmfLWqXZN6JFY Jkw9j4Gf4Psm1cBWLfij EeUK1O3X2XCc2vH1YeCO2l2g9GsTDedPZOYdFLffug7esnOTuETZkaoBVWiCBRl&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=pBIw66ONj03FlkAzROb 3uETXjhWfA/sLJ34wvs9lEs=&c=3pYQmdi1qdvRBAG1cAVDdk4RrIoOGnDNxXheALWRIE7O5QkrRt KJk7h/fukfWpfjETUVm9zhvwwPORa3zs0aYLj5ioaGuu67N1Y1jjFRAHRdhr3h/CbV8C6jjyW7uHi&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=VOc1cfG/0r/tdU8AodQR u5Kqgn2oUnqBdFQwwBVxO0=&c=/AYiEU7AFC4NjmVbz2WeJ9CyppYE2lqtqKkZFoepwy7N6Nmb9NF/nCe2Edx9fPH HcdaAPJaHtIUd3HsOImJNxTfQTd4Fusk3EDu4 HdLhXp8Kz85v7olrocFySKdr79&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=qcgc4I6c7L9pO1fU6PFRRWn9yyQxoAn6bRDbJcB6OuQ=&c=38OELYGIMnd2LZTU3Bpx2y505wdyb0tZfkf7W7iDcHo7nPPdMzBR3It21ulwN/9gvoW WH7Z5hpJei1GxgKVZRL2MB8IgQ7FlkjmgwoQKCwDwJUaq0bJXXg4Z9MJVScE&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=4N0srvjg2BsR7p3BWrqBKhL9HyAdFaKCq1IXYDBWBpo=&c=FtR/ixi3njhRWCrq43pAbmgogzD4aR2I6/XxFqH4c58QjZkkqaHu4633gMCh9k3dm64UnfUSFS39xZApQJd ZrA1dbc0T4CVBAFcX8fwm6Ht49Dc7qDZOpOeXv7ize8G&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=WGHFhy89bhe5z4Kf8WK9JUKdvE21ShX/4i4U5m9Nav4=&c=YVByWRVogkK7NxEZk2S6twLOseCiIKyvf4FPQs7UsKpzCfBDtEKQQQQ8vL7Az/8S3NbDK5XDjhGLCmrKjyWEm6lTnr0HBj0eiMYjigcq/j92sAs ZtURw bu2p3 mdB2&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=ztkNdQr4AhZjl26VMS8GjJSY3KbznJBf492koGqRemw=&c=9mFk2Z9C8NhQzF4 x7tdJ17bGcVkZI16W7u8LhqeLQ35otPjYW8bAHvP3x7ItFSjhlh4aSDMBWrnbsbuQTZ0wtFUSuXJgnOSq72g29wK7Egxw4KGFUeji69cB/Bb8D6R&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=CqiC4bsshIYFQgzqPO7JN5yC50ucbhSnd0wydgRl8o4=&c= 1fjn3h8vFXvm91DtZ pj17dI56BYX/PwpzsKJot2Lp44GgF1i6eJJvWja6EpKn2hBnOg/WEI 5nuePfdkkL5C3FfIrL68QSJqG6U6k/HSK6n1d63JHq365i2tO3GUJz&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=0XVNTgY7tRA4DeO8QmqMzJ5/JVdhzgUNqteSXup3Hc8=&c=9LrsBTQqoA/MhJETCEHltBkaDhw4I3WlpQ/qnQ/8gtqsAvcYTOxBi2 UHt93IprmRTQ rzkmF/sr82J2rz/j1d3zDYR6L0TAu0yCL9W4GPQMZH cJFX2JuGwiLOAgP5I&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=Urle4bbBn gzJQJg5UtvIA0I5cAT89POQQGI7Dzrpl8=&c=COPnfE0aubNYTc9m2IVLb8Kbnwd/lwjB8v7mhhczGIND o6TuiXAOK1kZRlLK6bBgvG8GecYXqU9ArNGk6JETwThBmfd1VJkKKjMTx bKLSc7G7BQwzC5VB SlNpNm0S&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=Vkd4bsq6lDcDhI2TjFzA FvD9 jPmeqf7C2RTDc2p6s=&c=DOVsvbkPwny3EIdhCyHUlkQ3Fidi5L4RQ/posgJBxUL Q3vkIeB4F6LqXEEdiHxk9O7fmxrZHFRDzrHdtiSDE/SIsrANSwUQ144p7Nec3aCew Ab2s3bLOic H0LNjGQ&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=BR5UfJV7A trfpitWQCzVneAKuL5tE/Jv2MdWOwAw84=&c=/a3vZXQBw1FiVLa7f0E8oNPjjGeqHV2/ hCqmUKI N/Mdu 7vl0iDbBXm1uyxbZAnN/H65bvBF543omLJsOf82PfWDsTYAkCguO4S4kus8X IeiCaLyUDd0ADknnCvnN&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=Zy0a4xVKyEVVHWRQgUZ2hUhOx9CkqP8hIg9orVLW1TA=&c=aa1p48R0vG1zKUW /MowiYSNuhQcToN4ABNYX8N6V0JI/03K3v/K4fhJDGHs2jSr3Bwa4jF8CjsMt0ibZ6netfY8zR9GD3x0WPiqzyluZrSXnNLK6bH52XGZxKsopsfz&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

http://www.signbinariesfarm.com/c?x=DL5g9x1GqNkY43Zy93RldrHIyvBz8RIznxHt/SRki9M=&c=8c8JDGU9dfo3FqwgSKfcc4mjhMtxxRN3tazFwqKiWzIBSW3YtPQm0Xu8CA108hLDUxogt UkdZVuZ9HUhD mzNDEfq/SlEeWZkqf1cCUdy/AOjItG9D9Fsfu3Zt pkyl&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe

Latest 30 of 291 download URLs

Remove installer_microsoft_word_sciagnij.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.