mp3rocket_setup.exe

Nonon

MP3 TechSupport LLC

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application mp3rocket_setup.exe, “Nonon Setup ” by MP3 TechSupport has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.hostflashconcepts.com and multiple other hosts.
Publisher:
MP3 TechSupport LLC  (signed and verified)

Product:
Nonon

Description:
Nonon Setup

MD5:
46a2c8e5bbc3ae242d542dd4cb3e8c4b

SHA-1:
58f7710215e7e75e66e39db89359b5be31f14a0b

SHA-256:
d5269718b692704d4726833012025a519fa947bbfb8bd3bc01ed86a60cd0d520

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/24/2024 11:22:15 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.installCore (M)
16.11.29.12

File size:
1.4 MB (1,512,704 bytes)

Product version:
2.6.8

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mp3rocket_setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
4/20/2016 9:00:00 PM

Valid to:
4/21/2017 8:59:59 PM

Subject:
CN=MP3 TechSupport LLC, O=MP3 TechSupport LLC, STREET=3051 W Maple Loop Dr Ste 201, L=Lehi, S=Utah, PostalCode=84043, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0081ECF0B90414131BF9016277516512CB

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:xCFsCkFyqcCpMASpfghr+QVxWUP+zfsoYaeh8A3g3v3aE45hx/fRvCmFs6tkeB:xADaiCuA4ghr+QqU1Ceh8A3goR/fRvH7

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, BF, A9, FF, FF, E8, 5E, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file mp3rocket_setup.exe has been seen being distributed by the following 50 URLs.

http://www.hostflashconcepts.com/YKOakkuj5ts5CCme3hhci4xQ bYQbwUQ6q1zdC6vswYLZrO1E1f9iy9Y0WLYFCgP9JuJ2RPPgHMi0jCKOxWw4DoW92XvPfL8nWnwNXGiKsbgagHhrdcYiazRDKm95KI4nkTS5rzmpAeh8SUvCwI1BCGOB7QE_g==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/UDsnE36pGwae8_3UWvM85Z2kKmUiNzMrLuf 0n7ViejQx5bw3l_m2UDAOfCOj3 EMkUjNIWQMjGiA5vMHoMoBTxWH9THKLCoAtS 9XTOs0o_T3FxNo1TCvEt7UXFaXwtRn6CGcphKtH7xaRMKmf4ysly_vCgzw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/O63kspKUml01cP2Di1XDRTXA01ar3IfljpDwIwEATnDACMV8nQ eg7G8nC_2xEt_aOkxsqdl32_Lb3kJV0I7VXNDmpWDU49yf5Vvn7Xb9Fh9q90f3vlCk_bftSqGroTXkTcFOHBOjjzohkbI9t7Q5cKjMLc_Mw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/OeAg5xoBefEfcr_Sw30cqKw9d_WLvI27LgYgY0WYNN_ve8xe8CzGDRaGfTFHVnx7SX1u9AJFyXaTKUr2k_ZbtdyELbLPJR8sTWfUnDnsQtVFLeVOtKTaENDQAak5x2Q_sY1qbuzc2MPu5yT1Lc1VoPK0A7bX9Q==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/m4FeAj3sM_DJSckqchMkmQoWYrNGrVeOWffrNEvFKTrG3Fr5Ua O_DIWD8DCe4g1FnxxUokzMHvwqL1nMnc8N2hMdGIiPhR9mp_Dwi4fW02Jyqmzvh5NmTeEucTN7ghZjdD6uKi7NWpKrtK0vJWYl1LYP H1sA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/tiRBQvWhAJ VyzqphAB9p8Gb7OcqJ3 osIH7DeNGO7el2T9 c wGPd8_YlpHsoKTZ0SjMhw9rwRmLuHE 36_ZItjY9p x1EI71yXPqsmeBc4VY951lCp8L2gCXK0lRzHwgctNLP_qly5KyUKxvXc3emN80nfZQ==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/41JjqUy 5V7jZYV7duaD5J_LMucYE83eCDuEGSUopmuqAoevqmCRLHnJhdgBEhT0k1ySclEl4ODSvp0MiDhrT8CsIUOWH4W3EjpeK_E9hGP2hXjzv_MHxMFLafQZx0MPXHhUuicuDzZsR171NZPE0j y1NIK4Q==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/MVrZHa_r N0ywsf74ZQejAcZ5MjoyX1un6EiKoKysz1S0QBcPHTLBOpTlrLJ46LemxGCKH6VGf0LCe5dQY6WOxZFzmk_UXFOgIt DE4QM_GkPwF98SeNo KvlSxAcohZg0kSdGo7rQA6I4DJ J83bcbvJLjaA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/w2RymjoFe2r31YP006VeNXJtFAKYJ54opjqRu36n836xHchac2JfQT3_SY_sZeFjupxadrvE1XWTu6_5HZr7PQVusfl2FIUOg Sn3yCf yabwAtfzarbIogYx bCRbOinbbQhzJJxVZlYSV0alfjvw6a6AdmZA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/U15ZZXLHkJ6zT8wSHeuac3KNy18TX2JlWcZs3RycGvkSKhAL556mp9xJt89o_4GAkKjB1H _tsUPkzdW6eBq82DtsPsrTG7Qp7s0pNIrdWcLBggs9UK9XPGtwggXQkt3GU8_shw0IB6quEM8JxuyaL3 bUkoSg==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/Hr CV1b1ucA2RQuH_KJ7Ah1PLMsHp5kCGHGWQnkk2HUkgTN1Mz_7ntiao407eqMcLosj_0767VX_H_s89eZTpJgmcKJ9_ BglI0O7M_Pa ajnGdtmdkddT2ZCNMil hMpEN22upZ5nULQi3ASf02TnD NU55CA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/iJvqxQfHJ7BrKYjqvNQTmHl1BHPygUmJ95fjrS6kh6qeXU5nszboNp0KEKo5It52NiBa FY8AsTUTQKaj73S6omBnjBqr K4BWDrw3g3ppuiZm913VRxZC _OBRwweF LpUxd7MlLr hmSCi15zS250waI521A==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/SXedb2oF2IbMy1m50Hv2pwPbkVhthmni etf6CnWDeTIJXt027yRbXA7Hj6Ub 3l1C 4Tzc8MvgD 5JOKQUh2ie7KeYjcS2tmfB8peVEeZisKGQKUFC96ACg464j61DY4IB81OpF3JUc1QXbpdXpXh1I9wcHWg==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/LJAfseD pWCyPNLqohkUNdDmNz 3EEd0VJ9QmXL0kKwrgjCioE a7eaZb_HESP3oOOYFSgq4LhPGSzijzQjdz_SJrIGSUyWksjHMw3n_FsYFnw_rPWRoSAl691fHvageC0RKMYvuU2vCni0AWqFdxGRw7f5uLA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/elS _1y0PoD8Om2pj1NPsibYEwZPOlacyGiftDbeS5D57qoPYCzPS7XD_SRrqg3SjTRIzamQvObgXxKAvoJ07M FKq1t8toJRqKjTrAArDj0g48EmnN5iEJmPiUrpR9fHjg9zgCrelNoAJMbWN5uHxTe1GlKxw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/iwgazLvEhatelXBRlqfV09Gu91ERloo1N4xO48ZZrzvFve3uNUwTKGoB4X2mPQqftHWNDWNP2K0iD3Wy5niS0DErIA8_pJobCq5eCNAn73lEEYlNieBxfJ5wT0wI85Bu0yvnQJCEoSg4wNA8t9L2MM8SrMqPbA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/xGNUxJtQQa0j_yQh_gYVZ2ciaS9rg2oIToCa03Kc6wcQT96JVD18tuhjGYZgxgw8zEwLRE9g1748WWYYHI2rPPQIW8Esn7nZsGb3FsfZTBGBFldF9eDm iu8m8r6K dr9qMo OuEhPd69b_UyncOJOhiIBBLLA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/qLc_fQgW2KHsuj1sUwxdHpTpKQ bzSlyf1XskJdxJTqGVX99irFWEOIt4pKbQMW boom5XSEpgFkKhFpXqP3SbcEp_2iGyph_XezkBo2OF CI36mkaIb6wFyz4RKwJHSLlgGudcTxZc8q9qOlw5yIpcuBy_fdA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/8mo4CKMtM1EV4 6oCqG_2qleVWa n0a5uZXJs5vZGHuiwyx0ZFjL4wFg3h_7cOVGOzfGKZ5Xgn6ZRPT_1UCKLatfAT kUQvk7bVw11VHTwVj8poHgRIwQRMhEe5GiKqPF9zGHuIEZNAn6 SyA1FXV8WjjoXVlw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/nxhOWCINOy9OabgQzBjP3H8wcLqIr0GU4oeW9aF5_GDDgoyc9W DFMOlcJ7W_iTvWScpr08XRGnVxOKnOCMcWp6_VjUe9NzXm HWyP5D6CNqgNRJDHTszYmIzDT0qbABGuMIxDOMXrHCFUaz dhjss7K0_UidQ==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/gHQPqE7HeJcosy_1IZTWnQ D3EzC4GIYpMQTCZJGoqqh4uRhK6h3g28z49o75T A9qFHqNRqSKi2H_YCA8XsfMTBlGIrej tAAAIEdhoGSdBk991gc7hlfdQ ZOPeUu0k1uoQNeUpJ xWjpK YX7cRtgi4_ELg==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/Ev0DnxdETET4JjBmf1zHMhEsonVIX3zqUjqhSCg0UwclzbIgs4ZQT_5hRSaSEGHiyhUTBeWatCYaCZULKoYzlpj GWcnskbpWpfSEg8exEUFDdeShEiVsqv7p2BFmKH5fBkw_tnn3BRS TYkE62E8DP_bDVsGQ==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/mYoUw1kMCfUlYJDmVBBwI69y4cV6rnKZyX74Tdcld1NdHimWBJMLsuu8gJFukgr1CpsVfnZkGmKcfXqg3oL2gdiEcwQ2xTaKHs8zd5mkCnwjQi3Zho0Eyyyqq7GJKwVf1aulDwM689UjgTzR7XUp1_O6R4nkig==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/MuLSON9oynj02d7lyPkSyS8b OkYpF cBL6BGfOb0N8If5m1y ngRK2dBqAd9wM8fBhHjuFZbDD7em7cjPi9dAPdH2AQ3k4kzAgzSXWg341u JIKdRGExiVL1NMx_RbE W1S PgzBzRZc_7uCdSW Xle8E9J6w==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/ jI8 UPiK_A5WwCGBxgS1Yx w5rvisX2K53 K7bPWFyz6fA75kxB eujn_5k1bhsLIsk ujCe_tYBQ_hdKFZIlJX79nXmIvuyiCcTFWenJWqaIt8ZlvijaGBjZVHXI9TcYFn_6wPW1hQY3LEoZ4mQWFEbWuG4w==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/nNiZBVOtckXiPaLmeP3eOqphC0tKOMZA_8vp eYoSJG0QIrBmYXUa Y1HwuqluePfFsqya0410aRNavvtfunFn4Gf WGmpy3_00PkzbwfkAblFAzTGxlZNooRx5KOR4XOdkG1zB9nnJZUjP649FXa0imJLH2bg==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/eUgFcivqHtavsHq08 Wes8aqQ81rnf1gQSJrqLAROL8hoSJimcqw2zcxq07Gcnyf2TsfRtEgp52O7EGUmR1vjjwvgtb3ajVQEXRCpGZssmYWJA3T94tVXo1mC1Hbl2X_OJ2aJuW5S1 hozWXmsoP _ aTKv2sA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/B9UisEdZhrH p0H 17WhM98 Q5MGDj 034CMj5buq8d6RLtexIp1EoZfAwQIWZYHGqdEqfG2j_aGXsH qvxT4p3lq85bv6OTH8TX09haCj7Jk6tamBrj_YCJ63HDXtXKfxWNVq2fhphQ634FA 2GSHsjYVPr_Q==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/EPdYRLxTMlV2UwQ3hxwa5qjcHm_joJaJrOsMbHhD9cE2SH8H83W9n10AnMXOEbQks7K2x79G1WgAuZPGt8Mbf6NihAY1W7Xhvj1uNl3Nk7hVb _Up95g7vLkf2a4jB4pbN8TjUhIp9eBN8MaEDQnbDoSho5_PQ==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/c_rW2__OIOsYE6coKTizhq so64ZHW4dBM2HmkDbamOgrWqX3uNlZCrxVjBuL0VQeImoEjPD2lh_AbRODPHedsX90lfXKRcJnRBkhTTuai47cQIYllDUxfeRbY2tjHN6FT6qGAYoPicmvWj8gkzMv3CeZAxYyA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

Latest 30 of 715 download URLs

Remove mp3rocket_setup.exe - Powered by Reason Core Security