home

mp3rocket_setup.exe

MP3 TechSupport LLC

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The file mp3rocket_setup.exe by MP3 TechSupport has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.centralgiftgrab.com and multiple other hosts.
Publisher:
MP3 TechSupport LLC  (signed and verified)

MD5:
08e7ff39575e27b5cd98b3a05a1c35b6

SHA-1:
4e1d7d9038e5854627ab26ccd961398777060de1

SHA-256:
1a8c4d0a9fba1a158736e2d0d82f360eac405670e261bef78e5b5bc22e192a7e

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/5/2024 9:54:06 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.installCore.MP3TechS.Installer (M)
16.3.13.16

File size:
913.1 KB (935,052 bytes)

Bundler/Installer:
installCore (using Inno Setup)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\mp3rocket_setup.exe.ljur6vs.partial

Digital Signature
Signed by:
MP3 TechSupport LLC

Authority:
Symantec Corporation

Valid from:
4/14/2015 7:00:00 PM

Valid to:
4/14/2017 6:59:59 PM

Subject:
CN=MP3 TechSupport LLC, O=MP3 TechSupport LLC, L=Lehi, S=Utah, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
16A1E50EC9A3D10A9B18242160B68883

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:zJuOETf9qU9CiJkai3rxCrlD2wvG0BJrnWzhJj8zh4XnBQCkmH90h:zYOET1quWrgrTv1PrnW1Ji4XBprH90h

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
[+]

Entropy:
7.8818

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file mp3rocket_setup.exe has been seen being distributed by the following 50 URLs.

http://www.centralgiftgrab.com/c?x=8vOUuvySgpxMxy tW1BtLNTAKRXJ/jkQrv6RQ5BfgrA=&c=Efp97ah zd8zVFECd7SmaFS 8IWqCERIUjZi ERNFve/vseNtkEciUb7IIZr KjqCO7viajp1Tknt8hQkMFP2/lgzP64gCAOJaNpiJo dgl8UZyAdUwDnYjgc5Ocu8bh&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=j1/RdVoQbL7qhoGSqXB0Ja4is27X64b5ASIIBtkpDvM=&c=a50mJT7hkLQe0A6ffYWizRoFQ9Yi108B sGu1wDFRsUuuQkTiGTV0Ovxu3T7EzPM3OUhfLltAaR 1cVZDP4ArCKSUaZfDuTjL0kw2aMXC7lC3KYOM7UCtJP9mAfECmVC&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.centralgiftgrab.com/c?x=q6/mtPn0pP2MKvGPP/K4rAz3AXfSmGVhHCGfJDM0OuE=&c=TV1A2xXSCkEbZ6R8MSUGfOtosoc32zp827fSE4Ch 2JcP1JQTSSdHyxjX/FIipZIsBMoC8YG7qaDaZItC Sb4X0KSBNs68KhhX5t5n/0Kkb6cYG45f0n6TfKbWeqI6fM&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.centralgiftgrab.com/c?x=ccUWT7u5YtkENDO4BaoUoCYao3A1LzRhf1a0NnUixlk=&c=PZ/BKsNSZ7UMGddYZ353bLy4xWB2OaS1OJ2CdhIbmgh7 5vEYcFtG28N4RVfsunbl3NPDx3vt3oreXjD/rZ7fttQ 2EESepVKnJXMUXY4cIdOPre4RXh eP4KRP6YVbs&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=mMfYX/M1IBp g6fQ2BRITNTgXNBXhm1EawEKoYTbNc0=&c=noD6Kr/AFfdLvm1mw7IQhUKtb0SaTBTOwriHIZV1frDdGpLizC/LWHizpkR791Lz0QLHQwFj7PYFyJj8uLjMN HFz49LzP51fUMsxhFhUmZFDKgiifK9 rY4ITppkD S&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.centralgiftgrab.com/c?x=i7OaPEnmDsVrA X9fXYMSi7vTX4 soZtywnacijcRa0=&c=0CJ57tQNTO56zpjVwKLdHHl14l8ii2WeJ9rHz0iLgVxD/RSrm1G71 rHV6DaA9muUSdqvf3ZbalVgY4y7kmoyVWnb9wCrzuvLSzu3lPmetKHF3IwhDXVsy04HAsmLxCf&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=WmPrMmVpOjfifQApQfW9Ncw/CT0mm1w0mYLodXPZIO4=&c=HqlZtvdVKXFlyD3TC4hKsBAfSSlueRjdRbRdq3mUISdHxoRyF34EJIRvdWbPO7JbDvTJmKOKZ39jJyTnJz/aq3V4Ksf56L8AyvOr8EV52wpwFS6khNpYHMV25n6AYHQC&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.farmsharebits.com/c?x=OmxtGLlWN3HHKh9YQqAyGdjwW9kZbiMieoQIydKQKUA=&c=3l2EXkO6SreDUX/pKSA iMtR4yq05EO0F9VoxAVdbotQ8ppY6PdGP2Pj0ymKr6CdzqeAw7nXpt9yCXmcHrrtPc9iwf5xZIBnmLpHIOXND7urVQkjn V jNH25cA25tE &downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.centralgiftgrab.com/c?x=QfGqFU0hIWEDAAotoYReQJVbFTFcG3pfkQ0BhTSgpvE=&c=8q fNWJHruLE8DDAd7//kmyqUGceP BdLNssRnu9zEs2jd/ihhmTm0y0iKFyej6kNAMUKKmhwIpZT3QRxsfLXS5T0/aoxtQvei1/2PwclkbbctbMtBMpRCCAIKwnSaOu&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=UWzan5e1ZQTdj1 AurQckgS7S7udvIwyjYy11Hvv2mU=&c=6w5XvSXtLQ/NRznF0NLyL5eX2V22ChskJ9HFZ6R0Rv0zfesce9cE x3aesUoFk4nakSINQkEZg5r4iPy8LpDBpqHpqpkF6CF0mfKkDOrJHhWbhIr2E6V7n03Xsmzzl 8&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.farmsharebits.com/c?x=bqLt/XIhxm894XBhsqoM4lPR2z6DNhwFGPVVgfBM51Y=&c=T3fvyvvaUXpEmEcn2Zw23dajLwri EbseB iPfpAJXAvE3NfafxJR8VgzjbuCp65lXZMKJGPMYXkcf8NAgJE140WQOvDhAMZeq22CK4dRIL0rdCXjt5gv3jdJeLxAuMP&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.centralgiftgrab.com/c?x=dXr06 UltvUmjOlqcX0xE63GLsFhokga3CBLptpqgO0=&c=L h1ADAqUFuUr2bOUkjlmfGF6HbDedjftuevYLSzJxfp15Ih05VIAaJ5fdjSIcx7a1fFzduD8Nen/F6DK/aLOBIswRNtvWjjQU9OONTehFSFfzJwnw 6 x1P4lpm64v0&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=TF0DGIt5S8L8QnQ816Os9 fuGdBfbUiMlHXUDqTM15g=&c=s4uxTiU3rvxcBaupQthQBsm/j6joL4D/fXAgROu2GGBb/qKn5rm5r0B5yjiQ08L4/jWGiFIp0CMSlXhDthXIbcWg7qJCmg7WmP2HX 7YHtfLSEAZ37UPfrSxPA2K/SXb&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.centralgiftgrab.com/c?x=7vvRE YouIOIFZJmFfYDk6aluJN1ZXYhBaDPal2puQA=&c=4bqIOUqM7Aqjl63xreYkuf1xqNWPNorsu 6yjsHJCmWGigD suqHRcEXcD9bKjgCNww/fUH6tx1wh hMUkoVEgoVymcshf7xLran/aKtA6s/5OJtfi6JVykx7TRdl/I6&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=D7cbZiv1n3LHTbTygGvCnDAt hgMXNKNndtt7DngTqU=&c=XUgdAwh2PRCXexOZHY3rZTjC7nvS8ydrIqgU/msj9dLHadA5vac68/Kew6XRzOsUCvbnJ0IJRUVxtRirzZKLLg6DCFy6HPjxgueI/EErSnxMQ4Ccf385ydu8g1q3TYy3&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=KcJBF9Q 6 Jycp4UnmziNpZxXClMHbqf8y7iqWDvFAc=&c=6zEoTQBJBr49E/cD2hfBeHGmdQtRJYYn9QgPrxfC0KrXQT Ile81Xt6WRPAlHTsOYftF/EUsuYNs3OHd4Jd Os5Za6oF887WXxagJeAZ0TAPYuz4WXAI3u9NFbRnk/45&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.farmsharebits.com/c?x=ljblDKgN4LKzLEXNXEMiTzxe Wk88fF5 h uhKnTjYY=&c=YchRc96sBBTGWs8Iqel0pR7RHnMVrxMSUypBp2p6rVgddYTAwf3fQ9/WXynShaww5w7LdAPqaAx7/QYX6kvAYMFK7DK4tOX4gucQW0J0cTsDpLB6JJNGvV23C8hZy5ZC&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.farmsharebits.com/c?x=OwdU6E5u1urC5XYm7mopchTUG4Bn0A8xMFkfYfST/Ag=&c=PFwN4Gofkv2j5WLh00C3kLCFoOpLDOilHi7iqEBLTKvf2aebzo7vhyWdsTwfik8QcQBdmXS4qO69wSoGUgJoybixYYvhiZcabbDdw7JF06Buc7op9I1a6MHtAznOiu4X&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.centralgiftgrab.com/c?x=w4xmJLkW6V8wcbAJQZzAf2P/iz4pt1oObx1vRv9tm5I=&c=0xOKIwFxV0INeA1jMkYX64TYejE/FyCltNM7v7ocd42JMlrRqZIEJ5t/b0dN9yhAl2kOH7GFpOwaQ9X3Tpp2vfKZmyB42ncb293NKD6cTLYsCQ9Zg4esZelnHOXL3XTt&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=NJGlANRaUqy778264o7SJisPZeeCwg5B5s80npTiupY=&c=xRG0/ UZDntxX7mTWND5z0/2Ha/Nm0vZirQhzH3xJHtdoIu4r3ZPUHB8/dJQhL2BYMZAzHqmNH6S mZmsBL126xltNUgEhOx DTBWi5YR6mIvMkwLaM0exW7tddlVgvk&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.farmsharebits.com/c?x=ZCFHJB3hxdU2odm2bd2Q8bTosXDV8xZwERtVntseZ1o=&c=3SwWCeHl8Z9aQx3yjjrqSzCBQFQRPUhSE01s7qY1TjauqqOnUjiR5855d2hwBU7Rt0tLxYkymG/CgqQcvECRv/PdWfapWKawpWpHQ/1AUdlK8MQevdEyuGQJ4GMgeQmm&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=nvJFvPw1949rxkpSgt23zwqGMWLc9ts7DejwDj2gVPc=&c=fZUxGrSrBg9fC3Up2nVsuDSnYfmUkPy8vUcmqms4 efZCH3Qqw0oEmJ9nKy2NNPfZiLzzL0CWiSzM7KfgKzby2/ZWJbn7ocnyJVKY/W3AAA0cngpmEkfgX DmvD3ARZJ&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=J0SIabPYZhT6B7HwmVaGicNC3 dpjnQ952 Beaaakc=&c=oS 6jjC4MQ/AzOdnyGsbpTkOFb7RgSSpWANEWjet2ab0L2QkgAObWqzqMlZ7VsNy3Vp68oQI1s7Yze5YtQ/YsXY1OhgX9HERNAYAtp0yUuPJjQ71oEWXbFX7LyDMRJ0z&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=ZgMFBH7/NMsaPGoEHRNhOUwMz1S1Q070pMoH3/fVXwI=&c=fpR9G/5SHlarnEJH6pmiMMMlb3/TNlaA 7BP5pgtplNdsJBS/ xn4dDzdK1WK6bZYCB/cqkb8K/hgsKEoyd1v1UaVjwvG3Nk/W6TrAxvg16nJbpeW04FGx5Os3DXNXH1&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.farmsharebits.com/c?x=WoQXx8uMLW ZuxmMtspBtCyxVOPfJZnRzOaFHv3VOPo=&c=Qw4hw3nTPKz22ZSzkCJLgcoHiPE9t3npu9RwnYtiSlUI4sfpehEbFmKUk3h//vfT H2/dvEWnTpPNpkJOWPjKVxULcicbwjruTGC QWp5IRkmLJf00Wa0G/l3IBmHMPL&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.farmsharebits.com/c?x=y435ozZlBLPUfnRl1UqlgnKJBcbrWyk7mUtNqZU5LrU=&c=0tIYNwipY4GRVAiJsDeUps6cfhwFIwhwKo8LAk/coP0Byhqm5 gJA87quqYhmijNkyo1Aa2UusYctjgo/M i6yabpzSp6bIUEcVze7bov7n a9Ks4TSNUgKnRvRlT2xn&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.farmsharebits.com/c?x=h4jaJMAWiZBWBBzes7lgGiRb9Qh363SjYln9YwhXdu4=&c=dYp4VGF3hYUFpLO7bd1voJ0OzwSa9zkBouFELIgsjRYHteTNOjtb0CPj8dn73WeEvKheAy/FcNEaYGJtDY8Zk2jvrM93l 85N8IODfGPGQnpdMaff8xXgC48RPQ9dpU4&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.farmsharebits.com/c?x=e P/OCtta/KwH0nHB3sQpCAasYoFc7oY3i4 AEF7COs=&c=MZ3IvIBCrx6n9hd16SiBC559uUJCtn3l vhm6cCllRQDcm9wbdJGVLblz0dU0CGRftYvj 1V3Mdb7DqDjRuuvrrYqw2aOpMMCvybqrVREEpKVNV0Xz4TQjkorILrrqDM&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.vaultcapitaldownload.com/c?x=pkpbKCg1MllIjkutxvb2mobhirkbnkqR XSH8YTSvxc=&c=jloYJ687loJU5cKYryMxZRTA7MkbaSV9l/jDbQTDWIPhB4XupWR0jLuoO9ahLwRaKRF wcnOScP7mOYKQ4XMlj6CP7fBjZifcbO2EQQ0N6udNdWnRJknu4SvaeBV2KX6&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

http://www.centralgiftgrab.com/c?x=DAO 6noiDHlm8scggwcbUJKwFRlgL7Fj DZRbtiuXZQ=&c=fOxz8lLkJ2aZ5mg2yW ybLzbuKM1LISECq0g6PL1jnsZFrUW9sB9m7HF6QOXBHt1iJTFWlgY duAYLVxiWMO h Qxwo IJbqYqIqIs88rCVlCBDRduaxAl8qxA1BFkU&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.safefiles.com/.../mp3rocket.exe

Latest 30 of 117 download URLs

Remove mp3rocket_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.