» mp3_rocket.exe
Overview
Analysis
File Details

mp3_rocket.exe

MP3 Rocket

B-softwares.com

The application mp3_rocket.exe by B-softwares.com has been detected as a potentially unwanted program by 8 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The installer uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.

File name:

mp3_rocket.exe

Publisher:

B-softwares.com (signed and verified)

Product:

MP3 Rocket

Version:

2.1.249.0

MD5:

8e9a2dfb09388a421d007cc94c8840d5

SHA-1:

0c7c5bcdce1da295b833a16cfd9c830ed22b4d9b

SHA-256:

ed61a34af5d05b58ae4d6d77fd622b2383d069f51e806c5c72d4b85c63d4a2e9

Scanner detections:

8 / 68

Status:

Potentially unwanted

Explanation:

Uses the Solimba installer to bundle adware offers.

Analysis date:

2/25/2025 11:07:46 AM UTC (today)

Scan engine

Detection

Engine version

Bitdefender

Gen:Variant.Adware.Solimba.1

1.0.20.265

Dr.Web

Adware.Downware.83

9.0.1.053

Emsisoft Anti-Malware

Win32.SuspectCrc!IK

8.16.02.22.10

ESET NOD32

MSIL/Solimba

10.7058

Fortinet FortiGate

Adware/Fam.NB

2/22/2016

F-Secure

Gen:Variant.Adware.Solimba.1

11.2016-22-02_2

G Data

Gen:Variant.Adware.Solimba

16.2.22

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.1.118.0

File size:

107.5 KB (110,048 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\mp3_rocket.exe

Digital Signature

Signed by:

B-softwares.com

Authority:

COMODO CA Limited

Valid from:

1/15/2012 4:00:00 PM

Valid to:

1/15/2013 3:59:59 PM

Subject:

CN=B-softwares.com, O=B-softwares.com, STREET=32 pinglewood, L=brampton, S=ontario, PostalCode=l6p1e3, C=CA

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00B98D17728133C0375F64DD24CB19957E

File PE Metadata

Compilation timestamp:

12/5/2009 2:50:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:YQIURTXJ8eqgKJ+BCPCHcdAVOIgw1atUrk8aTLI8:YsOgKWH3OjhOr3408

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Entropy:

7.2972

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

Remove mp3_rocket.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.