mp3rocket.exe

MP3 Rocket

MP3 Rocket Inc.

The application mp3rocket.exe, “MP3 Rocket Setup Program” has been detected as a potentially unwanted program by 8 anti-malware scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars. The file has been seen being downloaded from www.mp3rocketnowbest.com.
Publisher:
MP3 Rocket Inc.

Product:
MP3 Rocket

Description:
MP3 Rocket Setup Program

Version:
7.3.2

MD5:
d9e6afc03f3d7e89f7bfb0ce7b43905d

SHA-1:
a852ea5f7102c37623b82fb98c6ecc53ea683413

SHA-256:
ba03717f6ed5c900b71448cd2af10b79d6cf1677f9bfd8b87d5df72009187585

Scanner detections:
8 / 68

Status:
Potentially unwanted

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
12/25/2024 12:27:29 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Parite
160518-2

Dr.Web
Adware.OpenCandy.194, Win32.Parite.2
9.0.1.05190

Emsisoft Anti-Malware
Win32.Parite
11.5.0.6191

ESET NOD32
Win32/Parite.B virus
8.0.319.0

F-Secure
Win32.Parite.B
5.15.96

Kaspersky
Virus.Win32.Parite
15.0.0.562

Microsoft Security Essentials
Threat.Undefined
1.225.1590.0

Norman
Win32.Parite.B
28.05.2016 15:32:18

File size:
1.2 MB (1,305,562 bytes)

Product version:
7.3.2

Copyright:
Copyright © MP3 Rocket Inc.

Original file name:
MP3 RocketSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\mp3rocket.exe

File PE Metadata
Compilation timestamp:
11/10/2015 7:43:19 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:3HeAFtCmJlV4wItTweQMiEKZ4oGm8OKtXE7Och1Pxi:OUZ/Vn2Tw/MibfGQK5chi

Entry address:
0x116000

Entry point:
90, 90, BB, 77, 8A, C6, 00, 90, BE, 20, 60, 51, 00, 68, 98, 05, 00, 00, 5F, 90, 90, 31, 1C, 3E, 83, EF, 02, 83, EF, 02, 90, 90, 75, F3, 90, 90, 9F, F7, C7, 00, 77, 8A, C6, 00, 77, 8A, 86, 00, C3, FF, C3, 00, 0F, BE, D7, 00, AD, B1, D7, 00, 77, 3A, C4, 00, 76, 8A, C6, 00, D7, 6A, 81, 00, 57, F6, 8F, 00, 47, F6, 8F, 00, 37, E3, CF, 00, 69, F6, CF, 00, 59, F6, CF, 00, D7, 5E, C1, 00, 69, F6, CF, 00, 59, F6, CF, 00, 77, 8A, C6, 00, 77, 8A, C6, 00, 77, 8A, C6, 00, 7B, 6B, 81, 00, 0F, 6B, 81, 00, 77, 8A, C6, 00...
 
[+]

Entropy:
7.3853

Code size:
500 KB (512,000 bytes)

The file mp3rocket.exe has been seen being distributed by the following URL.

Remove mp3rocket.exe - Powered by Reason Core Security