muddy heights-1.0.0.exe

Reg

Parsec Media S.L.

The application muddy heights-1.0.0.exe, “Reg Setup” by Parsec Media S.L., has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine, which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.senddeliveryshare.com.
Publisher:
Mufodapeki (signed by Parsec Media S.L.)

Product:
Reg

Description:
Reg Setup

MD5:
577adc115a08356d29ac5f7dc560642b

SHA-1:
16164e664032b661490d3903d03c4c8686a6cb58

SHA-256:
8ad11418b492058eb91564cba32ef4a7703ae65cdc53f4302461eb9d1de585d0

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/27/2024 4:38:53 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.InstallCore (M)

Engine version:
17.3.4.9

File size:
1.2 MB (1,238,648 bytes)

Product version:
1.8.4

Copyright:
Lite Program

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\muddy heights-1.0.0.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/20/2016 5:02:38 PM

Valid to:
1/20/2017 5:02:38 PM

Subject:
CN=Parsec Media S.L., O=Parsec Media S.L., S=Barcelona, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121664972E6D57B8AC3433073871EDF1FEA

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file muddy heights-1.0.0.exe has been seen being distributed by the following URL.

http://www.senddeliveryshare.com/PsCglG7j9kh3A6Ue_CGyBrrtHg1MFajo2L2bS2zHi6gB_mJEmS xK1Q0UyBIKgMu4cclwLMyX80pH_AG40ehlNEPcIHcUr8HpgPZO6K2x OIou50lPpK1Bo W0u1LiKmJL 8lp5WAx7TOX93UJSp1CaLHkEUA9M50oVXwkx7Wpe2Ez0_94n7b3Gpwz2PT65RX2dI_f1GG_kscedOYYoWb1R4nRhqv2FBSkndP_T73m hjKG91770nESkdNNbewN9Sj8M5c CsxD0SjcUmjYZq20CEUDsZbkVCrydybm4AKXq3259eK7mcw_q4S98 6 e2yJFlSsW67IdEH6Kc4HU4TMVzA91aXYtkHdJ5oTIlhsclNkgEYDyiJvVSf8WegrSHzyITUBzvFRAR2EQAOD3RBQVp8 UuBfW3DlBYTW_l4S Jqwa1dwdusXj8NJuE5CqUr3KymlhwGaYYY07FNIYAEChHRo_BA==-G04AAMTPG9_SRceEbCQlMC_Yfzs2HOOAdXlYb1CbBsehPd kiG8sUYXNVlFAMmoeIQ2IjreUT9as ol2kHbWJmt8nakzHgA=
