internet download manager 3.16.4installer.exe

Hus

SpeedySetup (Alpha Criteria Ltd.)

The application internet download manager 3.16.4installer.exe, “Hus Setup ” by SpeedySetup (Alpha Criteria) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.capitalheartlaboratory.com and multiple other hosts.
Publisher:
Dulorofehe   (signed by SpeedySetup (Alpha Criteria Ltd.))

Product:
Hus

Description:
Hus Setup

MD5:
589d3f55527b667bd6901f34bfd79398

SHA-1:
31eaeddf83d54e8e0d1dfcd7be036357bffa258f

SHA-256:
938cebb45125efa5fadd78e43d9c20feabdd3cb8b4e1f990f4616efd80e68137

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/27/2024 5:59:04 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.AC (M)
16.8.10.22

File size:
1 MB (1,050,576 bytes)

Product version:
5.3.7

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\internet download manager 3.16.4installer.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/6/2016 5:43:41 PM

Valid to:
8/20/2016 6:07:00 PM

Subject:
CN=SpeedySetup (Alpha Criteria Ltd.), O=SpeedySetup (Alpha Criteria Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11216B7B9B1E7ABF6047433BDBCDE9234400

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:vUQrFgJ1EbCBVp7cLb7uveOJqLwl7OD/J//sk8VlXxPsmgl7uq:vLBNb2VFcLb7uvReBt//s1xRgT

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9074

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file internet download manager 3.16.4installer.exe has been seen being distributed by the following 2 URLs.

http://www.capitalheartlaboratory.com/bBk4eeFwwhITdOgYVZl0xMq1ILGoPtcEm3izytQL3Tfnlbhu6hNW5vDmvVy7OfNRoI4lvVqKgKonzMWk0mGo73Yep8wT5RpezzKPhU7 48jKlX5Pq2CMd0jux9GsTbzJfYD4WD8thXayH6Onb1oTvifEAen GcJ2SoHMqqMhi4rsWGGVkBTpQxS6FHQcmkC17DjVR7UnTyi3SNs_OMF3Ag0xjM6 4fgUydb9BaEI9VJaMdnaKvOaFFQonpOseOVk_NHE9kvv7nUoZ9Cy5Dq3uau3HTFmqHrNAPInN1y802ihdiUyzOnnLJ02okzjQaHN9iM_KZ5X8yg2nnNWEUrfbcB9kbWGT3YOTb8zKElCuLoj WxV8VdVGnXHSnm8nse9O6_e1FALHiBl sYApRjrkJ5TRIsWoTpVcZQcYdAslkY7wa2OzrA=-GykAAERPFhszm9aNBwFFABM5YG8rk4PYG9s4kDcm_m4HIRP2c2X7qBjhAQ==-e