» mp3rocket_setup.exe
Overview
Analysis
File Details
Downloads (39)

mp3rocket_setup.exe

Sal

MP3 TechSupport LLC

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application mp3rocket_setup.exe, “Sal Setup ” by MP3 TechSupport has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. It is also typically executed from an Internet Explorer cache folder. The file has been seen being downloaded from www.hostflashconcepts.com and multiple other hosts.

File name:

mp3rocket_setup.exe

Publisher:

Duto (signed by MP3 TechSupport LLC)

Product:

Sal

Description:

Sal Setup

Version:

4.8.4.5

MD5:

814066562ad01352b1bf2f60d890cbb5

SHA-1:

a1bc9055861f69178dbecd8f6cf9e70c7792235f

SHA-256:

d5ed94c87fdb29ad55453494c18232d930d39768297c9fbfc74d00d914777545

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/5/2024 9:53:08 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.installCore.MP3TechS.Installer (M)

16.6.29.12

File size:

1.1 MB (1,133,968 bytes)

Product version:

3.8

Wizard

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\mp3rocket_setup.exe

Digital Signature

Signed by:

MP3 TechSupport LLC

Authority:

COMODO CA Limited

Valid from:

4/21/2016 2:00:00 AM

Valid to:

4/22/2017 1:59:59 AM

Subject:

CN=MP3 TechSupport LLC, O=MP3 TechSupport LLC, STREET=3051 W Maple Loop Dr Ste 201, L=Lehi, S=Utah, PostalCode=84043, C=US

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

0081ECF0B90414131BF9016277516512CB

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:2JiVXe03sqdBs0XCTpb9YS74oZJ8eQmZwnJIuDUfTJlJM:2oVOld0STFn408eXGJIuQf1Y

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9038

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file mp3rocket_setup.exe has been seen being distributed by the following 39 URLs.

http://www.hostflashconcepts.com/c?x=O6d4KlAneWTJ3v8pgsFh2vh4BgjfPTZBiqD4CE5m6ZU=&c=7y1Zn M7BmaZVFc2XU2kRTM7ORi2k7i6v4ymZOfOnf52OBQyGk5IDi98ENdB7Z0/ok1A6yyTP kPk PfTzwAcMCNffAEMjz6nqodFgNBnhLcj9/NROHADDC0v52LGMdO&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=Pv VuFF9gadhhaI a58RFedioHSnx bpPTjPBDgEDlA=&c=fj7PLoLtrLaKr0CT5RZd/xpMNf7mLD 19 d14IbFo6pWO3pZvsT7 zkPiVhrfT/0rGl22aqlPM/4H/azx/VCR6DGGnaLDX69J3WdKmiWdFY09C58AhsIuCSf9a8SdPE/&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=8C75G8YV7hrr3xWzKmZw3Ekb8MgwEXhONNXMMq5S0lw=&c=Xj i7VfriLOtJMUZ4X7ZorTVbj3vyz1yg8HIYJngZLFu183N81IZobC40ThBB6Z53VauREwmd81FTZOYGGfgjSGC94yq71LMbzCFXvhFKyIAIT hBvoykDvupmo tym/&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/bNEWofCEUiUMVIlqkzEB8HRppTi1zaL313knS IQhf43mqeyGABpwkRqMAz0Ji5m2OInQhYMBiE5dbu97JWjtf5GdsZSKNVm7WXPkcjmCo1l4RtX53f_so aejpPLoJDh0p01cTy58GcXWwCLciMJqQcbTE1ol3FPPTPaiSg_0ByYCqmGIE=-GzIAAAR0Y7H94TEvGARBgw44BuydRBYGG2NnCVKN_MYYvwVlZqfYt 5J1OPEAw==

http://www.hostflashconcepts.com/TFFUr9LgnUWbpR1AfIvx0fRr6ghYL1cymRskjvNhDEn8lx6LpL0ASn_NVhY3vT3uPcds26Fgt oNpE9Wx5KI Kp BB4gE6pcvOy4Hl4sEutejonjaDxcYMZrnwHNfi95HGOHOe 8MJdZnpSLI_NzQTVM6vHmxAuildiCmAIEcn8eRS0hpOQ=-GzIAAAR0Y7H94TEvGARBgw44BuydRBYGG2NnCVKN_MYYvwVlZqfYt 5J1OPEAw==

http://www.hostflashconcepts.com/c?x=nbGINNTO9lHr0FQB6cf/QQXqmoiUtMJ8dF6n7FvF7k8=&c=jTmcdnNYAjaqqNPAKP3xEhEVO9NvCkXh215cnmsr8Kxu1oQODbLWGM1HCVbkq GhJqS7vSwhp/AzKPnOr jq5V Zy4v7GAxAq p7X/pKuJ4sEximJXP8wbmxgKqLAmG&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/ sJRdwooiUXf9KzHM8e7iU AiYx95xPMul5sQBOufqxJrVjEt4aoPE2NFqyIL58bYl1B E6aXJ2MUYEp7qOtt NaxXOxyTqEISK1coDf4nWcX9raH82lQHX1Z9rYSQM8B7y24J0FAd2iCDifhrr7KtCIqIdQmmtTBCL4mQ9AXCiO4bn8 CQ=-GzIAAAR0Y7H94TEvGARBgw44BuydRBYGG2NnCVKN_MYYvwVlZqfYt 5J1OPEAw==

http://www.hostflashconcepts.com/c?x=DYwNp4DZoHq8HWvvmQ7ush2mHS3bn/1U5pbwWFETqts=&c=zriRx/uLdEnt4UiAr5V9sLZ2sP5ATulalOAi3WDxXWfJJ0sMN/I9vfq/VBIskCk lHemzaxu4f1sC3qV3xkNaod INOab0/zKFd3CFP/LX5Yxwxx5W5GkpxaRpzixdQq&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=5QaUn9xjDhxz7llnnljyYe3u8rGVlbMNsLFNxz1MOEA=&c=x8Wcw6FjnyRy9k4OSNBrfXzHUBre45SFOYMgGka2FhpELTNJrwkFYGs9PD2sXl75oHkE/FuXO9AEcXiCJv56FZCgB0vz95jFf7LlB/CAT 0VUzFEVqyBiTHCjVXdMUC2&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=d3 VGi6VUosSA5nKBPScNCzLHNHvjfm6o7P7n26Zs8M=&c=c9O2btaHO/J1kmh0Naqp06o256OSwvETJiMyb6c4ZPRRBgyKiOc96N6s6z3S9T7yt r/tusFfo9AAwdX07E2ZYkudBUu76bhNk4lQDAA1YhcyhfwJZ2Fg5f5WkCT O1N&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=4r97UBRzqcbZFsz37Src7AUd9oY8EJIQg4kzPAjGPKY=&c=b6T1s7D2QCoMJXm/rCC1tvA2jaCZ097m7tXt1HzO5zbr/RZT32ZpX4iEn9nAP4FNfY38tLzeKCiqR72z5w0XBu/LV a7HDaU6K2jq8ZLnubQsJlHkLdw3ZQMRjfMlb9z&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=shAUqj17XB6BGdjVYU2iERUyVM2uu3vCq84jp55rAcA=&c=xQdHQJNUjgqKbSw58U2dRx60Hchub3Rm9Zv2wtvIayZiRQaRA8R4OBZQmqTUuWmg xDobnhtZFZA/R2IE3 SmvH0Q1Ycb7mQoDy/1RhPQac/9QM2ShJAekmty0EQ8oXX&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=tWRP44wTcgT7HXtaIitthCUylU1sJg0sgkSIpYbk5Qc=&c=vCJ1NzE2dFEyU9TP5RTLBbWbqi/831bVZKqkgYspYYf06F3ed5pMxOLyAEAr1Er4fcwWLxfueLnlLmvdqsGdbdbGY84ry7SQ6R0zkFoC8 bD3rN8UjNBS78yttLFwO29&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=yleWZRvwyImVDa8QiBXYuS6oRqDeSDMTqR6I1lXJTt8=&c=JXmiMsev1waH8RtgnQxTV9T40gqj0orzjy6AgMww9wVUHkRenc4IwXfZSBeAzxw5vZSvcIkGPstnoo2pTvnTuWuW94MjNfUkLA80M8hvlu/ Kh3AJPdQca9U2bvwW832&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=pPGSDugcPzOw1JObfgSU8Ev29 z3dTKO2sFstmI5wh4=&c=Wfx7 bQU8TzK7eel1zMOcoLBirLw7 0z/1XQGddpzKtgm/OEXOrQOpAq9lqFvK0BD8CjqwPINm Hjt5wAWoWh9ptAUPfw4EiklKDxuwBdmidmFYLRMmJoKKnF2P o/mC&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=hKG65Ih6Oto1W9OoQYLImgayLwXvTDAgHjUS3k5jN8k=&c=OTR/LoKbOTNeu6Ir0FAyttarRpgkaAJHCIGsi/2E7yT8JTdZmxj9HiBEAyjBkQIoTTUwiPAAbiF1qPlQs8ptpffeOjFLZVQfsm8nkERMEUCmKI95ajqMbNfAFcKiNTHt&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=pOfxtKVCR8QXuvFEWAvfx48JsuMZBogeGOR4u0sg87M=&c=uBzLmfHE9PRFy9u93muiPZH2gB1Dp01QEj8JK3GQRxUtbcpU6VMrbI8TIlqgph36Ko4OTGCyWpMe4zq9plZ2NAYiz7NHP2n1MnGQvZZb3X5i4k2J2thxm/e5TjoTGIEj&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=0lDxwZr9AMd8tGpue66ubVTiFKY4xy54TIOYpP1e6dI=&c=QdYZwut7WfA7SBsvwtVzZ38nTUbdGKWCXKsOv1e7NsYhIY5os7lHkjQnihEvMtrLcQj9OZOyYajJBRkP7b2IFSS8NR0XSbCqifvWpTYoJzao8Gyd42hTpBEToLnUwPJj&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/USHtIH0hA8pUBEe88FIUewa9KszlpiinYMbnvCcBtfSKfSqKd2WXi6IzKI5ccPjOA2av2imXZsQUWB7fA5My_ooLfFahipY2Y0sfl42OHnJQl7_WmOH5BcnGqpxQ6KLqxaWSN77S1gFB1p7pw4LfWFtQczQr1w9fkgSJAVYEm9GVxMeODj8=-GzIAAAR0Y7H94TEvGARBgw44BuydRBYGG2NnCVKN_MYYvwVlZqfYt 5J1OPEAw==

http://www.hostflashconcepts.com/c?x=NuAJ4kuuBI0mi1zxsu41iOyy1PwyNeTt fvkhoMd3Qk=&c=S6PlZ/hnrNJixp1qYrP4RCY2p4bJxN2RbHZtZrTh2rE4hCNe2L065eFqL/E10GhlQrtO5QevMKsOW1/Z bgmOXiy3HkRt6hxJWSAM1 qSPiQNEDIkqoP/gTu0Htgs3G8&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=XgmzLH1TPI1uH0xKJaRl/mFG5Oh1SqyNSV8PToA1d/Y=&c=HSy1K L0lKeKAKFudNkZOxHhqS9 KVSz64DuhrNwk9iz 8hBkfn5ZZ8bujzPkP1FA0uKYsSlwuqP03XX cKy1pxmlDhCm7WGsQ1pmxS x 9jIhIYuwo8CtP4S4N8cHUE&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=d8XlLYhurq46fDtf cAvlaRBSYd6g6ymk0beKNHLBYI=&c=32vvTfrXNwZLKvZjNLG0xaAZLxyxEIU 51OUsJR2Y uAJaLYT8NX5WJXiDADANbQcY9S173uNhB3IEml0j3WPwLTwotcl3Nq v2uUz9jz sfvO1AS6qW ewPLg PD3RS&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=kBUsoElrgelXAsktqiG1/zpQmHfI/IpOM8a9hrrjXgQ=&c=HBbYL4X mOgDoDz7xFwl1LinCmGk0WiFgO0g7k2Fmwmk9lt0EpuABeLfUOkP9CQ3BJaceNqjyhrPad btbV9ANVefbM8jQjKVqaeZV3EGU/FvAPG3lu97va6/6zkIoGZ&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=VzkgKIfgmhrYaYO2iuaJ3EDT3Sar8uvqlTMgmTi7bVI=&c=T4u97hS0I3VU3Z2xXA7AXarJqV/4rLtyXOqJdIQmh1MuD/6iVDA/C8UiKjky5Z5SvOMlRqIhRAqPt34Fwc0HCWY/Hc3g2pqtTYS9L2MYPtI2Q9kqWgPSxUiuujzQe2I0&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=g5f/8cB8 mDqXv7kAzKExobV6yF3wbTicZGySIFmn94=&c=qbK5R3L9iP3hCnnFOZLB24yEId45i1Ht44t1yovOhxDktLztb5d0ev7mJazsEBANX2NTxoaGjp2QofjDMNQpPqT6PqhZauOg4PWAJTqiISZx43Z/ bcRMruaXf2zL3df&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=yJGDXgKoQpnsBYuUzI7KkzbkMBP6ZI15wW8DWbZWdlc=&c=HvcKnfWR8l3RoHDtjF1/hv6HFX7z/DRHs64nxjI bJXP5HOR83M5 r8qRy/0E2/s2 dWqU2sNKrJbkuWw5 nRnGgenGBgnPg7U8dzEiHjy43kJOHoPg/AhAi MQARPI &downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=2Ix/ryRJN97xPWTWwoUM6RupzjVJFB5Zjj0ZaqA9/1g=&c=nlZW4hoNoeQPqsOLpnhI/tBt7FGpqwjUVksOFWhtI2VEABFp/uLEuY0W3N8xg1U0Wzz /jpfE645MsOG6OxB4 hv jmTPjQA RnpqRdpqYrkw4VZxk AsALrDQUNOt7A&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=P7I3I4DlyPZep Wkqhhwl1j319lH TKwmzecd2sTv7Y=&c=NPvo8koivyX4AOa8Fk WEXoEuYQ02rVli s0GtsLHLQVQP1xoEz010oNB4KmuN6IwehUzofN19/a 0F6k2GBgxzVeM3Yz/uavMRsbTw gJIFnU9Nkuenutl8H0K86IJj&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/c?x=hHA55nNCD8iHI4umQmKbLDC4SfGcThMyL iDs8EiMRA=&c=qkZc5PlSRdbao2vBAIqXKT/kmXsKTCh8hZ9J4W 0J ijcVY6IFGsPzzzpGT5AE2dFoVNZ FAD1XL/JLJAw2/qLscfJT9YHPVcnGlipXZRlS7zjidKfYPtGku1ULt6mLh&downloadAs=MP3Rocket_Setup.exe&fallback_url=http://www.imusicsearch.com/.../mp3rocket.exe

http://www.hostflashconcepts.com/wk9etfPRuc8qUiDxbJpY7yoqba175v442aVcBHXFf kFDlGt2hFSABN4L o6emjlqkKKqE9dnFSP9_d oJmu2P GpkzEoQ_Xe6FdMcoyFOiy7IdtbTojP3Qegunp WknKJeulVG_fSTSzG y_JmdbzD345OY2akvA0xKcJ1kFjUoZPIfSw=-GzIAAAR0Y7H94TEvGARBgw44BuydRBYGG2NnCVKN_MYYvwVlZqfYt 5J1OPEAw==

Latest 30 of 39 download URLs

Remove mp3rocket_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.