home

mp3rocket.exe

MP3 Rocket

MP3 Rocket Inc.

The executable mp3rocket.exe, “MP3 Rocket Setup Program” has been detected as malware by 7 anti-virus scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. Infected by the Parite virus, a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives. The file has been seen being downloaded from www.mp3rocketnowbest.com.
Publisher:
MP3 Rocket Inc.

Product:
MP3 Rocket

Description:
MP3 Rocket Setup Program

Version:
7.3.2

MD5:
2dd385c6320f2f89194b25b73af5184f

SHA-1:
2e853bb94518442915b980d17ca0289d82ec7a4e

SHA-256:
920dea314f07b21d56f89fc1d9cffca34f7296188e66301fc60d9f34a248462f

Scanner detections:
7 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
1/12/2025 4:54:52 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Parite
160414-2

AVG
Win32/Parite
2015.0.4604

Emsisoft Anti-Malware
Win32.Parite
11.5.0.6191

ESET NOD32
Win32/Parite.B virus
7.0.302.0

F-Prot
W32/Parite.B
4.6.5.141

Microsoft Security Essentials
Threat.Undefined
1.225.1489.0

File size:
1.2 MB (1,305,558 bytes)

Product version:
7.3.2

Copyright:
Copyright © MP3 Rocket Inc.

Original file name:
MP3 RocketSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\mp3rocket.exe

File PE Metadata
Compilation timestamp:
11/10/2015 7:43:19 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:BHeAFtCmJlV4wINTweoMiEKZ4oGm8OKtXEjnmaG6s:cUZ/VnuTwfMibfGQKsu

Entry address:
0x116000

Entry point:
90, 68, C5, 8A, C6, 00, 59, 90, BE, 1C, 60, 51, 00, 90, 90, BF, 98, 05, 00, 00, 90, 31, 0C, 3E, 4F, 83, EF, 03, 75, F7, 90, 90, 2D, F7, C7, 00, C5, 8A, C6, 00, C5, 8A, 86, 00, 71, FF, C3, 00, BD, BE, D7, 00, 13, B1, D7, 00, C5, 3A, C4, 00, C4, 8A, C6, 00, 65, 6A, 81, 00, E5, F6, 8F, 00, F5, F6, 8F, 00, 85, E3, CF, 00, DB, F6, CF, 00, EB, F6, CF, 00, 65, 5E, C1, 00, DB, F6, CF, 00, EB, F6, CF, 00, C5, 8A, C6, 00, C5, 8A, C6, 00, C5, 8A, C6, 00, C9, 6B, 81, 00, BD, 6B, 81, 00, C5, 8A, C6, 00, C5, 8A, C6, 00...
 
[+]

Entropy:
7.3849

Code size:
500 KB (512,000 bytes)

The file mp3rocket.exe has been seen being distributed by the following URL.

http://www.mp3rocketnowbest.com/c?x=RIm4dwzG94jsc0X8fzCkTpJoPLtTAmZIE4PFBuDiqtk=&c=78iwsYk9DKNVJthavNWZYw5rYSbAmbp9AtmZMXRWJmwbWVPQflFc/u/bLRhcQtM67eTLio 8xMahyPOTxVvJKd5NkS3GCA/0oaHn421 qOXq56YgyEvME1J6nOAJg72SRkNtBdfDXAmCGsrVjOF3Vg==&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.net/.../mp3rocket.exe

Remove mp3rocket.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.