Pokki_PixstaSetup.exe

Instagram for Pokki

Pokki

The application Pokki_PixstaSetup.exe, “Instagram for Pokki Setup Program” by Pokki has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from www.tamindir.com and multiple other hosts.
Publisher:
Pokki  (signed and verified)

Product:
Instagram for Pokki

Description:
Instagram for Pokki Setup Program

Version:
1.0.0.0

MD5:
44decd36fbb6723e6ca2848a181c42ee

SHA-1:
98b00348082d780668bb07edfec1c20181c1572a

SHA-256:
f04a0e5a7c668796df416ecc52e16a1f013c8dcd29f7b3e5475fb5aafa2638d4

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 12:02:59 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.Installer.Pokki.R
14.2.16.0

Trend Micro House Call
TROJ_GEN.F47V1022
7.2.357

File size:
778.3 KB (796,936 bytes)

Product version:
1.0.0.0

Copyright:
©2011 Pokki

Original file name:
Pokki_PixstaSetup.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\pokki_pixstasetup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
2/27/2012 4:00:00 PM

Valid to:
4/25/2015 4:59:59 PM

Subject:
CN=Pokki, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Pokki, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7F0C02A0B2F2B0727327296C8736183B

File PE Metadata
Compilation timestamp:
11/19/2012 2:36:44 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:o5UbZyUPhhm/593+qzVaPTrD0dDYvHD/GAUSi/e+8/5Zxrfhlv+MUCOZoi87P:o6bPmPIrDkurx//LxrfhZ+PCOmi87P

Entry address:
0x1FF390

Entry point:
60, BE, 00, 80, 55, 00, 8D, BE, 00, 90, EA, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.7747

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
672 KB (688,128 bytes)

The file Pokki_PixstaSetup.exe has been seen being distributed by the following 50 URLs.

http://www.tamindir.com/indir/MjAxNi0xMS0yMiAxNzozMzo1OA==/pixsta/windows/.../

https://dl2.netzwelt.de/.../nw_31791_pokkipixstasetupexe.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1485067258&Signature=W2LNf4wbL-x-hke64u8MuCRJnr50q9j2bA-duS1q~weo1UpgxOJSzgMWUz~j1w91ha8LrRxQtsZJI-nQ6LH8Ks89m3Ip3iYIzmx1kcEcHUI50ViyIfFbvytwWoD~FFOKXEKJ9DF-kiQmGhBvBs9uSZDYf-ke~n72xxQzHL~voTE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_es&type=PROGRAM&Expires=1485254117&Signature=IcKhcwrGOyAKpXPXz6OXTNCzeY1OO57nB~ebVuazhfQPLzGN-yZgvvpR-GV39S5yXs~--8N8wK2snNMnhFVt9BBFASobZnY-gwgcCInABosH5XWRjDKTDEtqxlG2--YTL-r0wW1cAhrWHzSRfAMcFNF6Yj3Boa2YDkfw7xbKrVM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1486356774&Signature=cDCLDCLqXU8lqQz~55apt2p6WBXJvh9GG3dIG96iFG71aA6cjV7cDzENzMrRecLuvoXdQVYNtwk7dXc7gkXNOyo7vZrtUQawSYRkbPESZ9ZURdOxe3IWjiE-tf6zxff8t5ywOVJmJvZRpXxkwWWr6~OPqgHNNw7n7hWza2dZF1k_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1450238054&Signature=JKmft2bMiVIC0i0GFIev1m82Q7jWQZu3PkGNIwN4aFgdq9heSIYwctqOY8Hq8Ymma1e7ETFlDV4BAKTL7etrjzIyK-TBvuqGSDjledjoclu4raa4dcVoNLejBgM8kNNKyyh~OI3RUI3KRUuyyUS4VcVVj-IfSOvyouNw292~QgM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1479851252&Signature=OC0GO1OrlTl8jLOrxiEWm3A1ZfKOl-asXqR5bkgCZMbjU4C6aQwdM7Jlj4y2IrBiweZPNLiQ4kMIDiu5Fvp-hJpMYUzWxDKlZWSgS1m9Ffm6~1uqhJz5uj5h6oPtXqMnc3QcWFckleWh-zgvoiadVFWGInEqNkHVybbmWdcfBFQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1485088076&Signature=epYyRTSJF35~uydliijdDq55FHdr4-iBWCje2glprmqeLKZHeSwjvNHNrq0-t0INxvLrzoRXOAQa0WHuTFMKT7bX4ZPOXhy5UF-soEX0FNld7UulVD6CJtw1Mb9P9VbtrXEL3jNkQEpUNpUX7eEZ66LdCcRalbpCqWE3mT7ktoo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1478162165&Signature=ODJgDMgdQ-mVNxPexuzK1Ykw2eXkaksFee4VXM6HWHUo6j9G1qKxZ2UZNV0Su1Enl2z0syIpXvBcxYex9KGpQWaabsBlb~kMf~3brzk2xsMFme4FaGqZOx6s3AVVBN9vipN5MdcaI4QoiQrysaglwtYXI53F~w9-zSkSpo9m8jg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_br&type=PROGRAM&Expires=1485923400&Signature=CXkZAh4xehoty5V4b2bYElRYHc-703zRCOyDTLiArKU8qp9zj1rRYHVfT~xVEfLzOjj7qUGQxQTk7uJR3msDTmVELxXesEi-swV5iDpvizAebprYywTTyuU4Za0dsctSWeZhFsfzbOt7ZZLWimzSATih7Qauazx95w9c56luiMU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1486894914&Signature=Me4k~cjpzRZoCt31CRzKzWAljKhRWPDrz9JlyIWTwd~M0UyYjo4X6rehMwe7eV7pC-sqG4jMtheWkpGimrEinhtGm2YRfAuE7qol1nc5JrIPfaF8sqk8ZQXBEk26Qy1wYJfJTxZi1TUe4tJRZXPXJKSuEvcxTIIZ1M4q3n91Rpw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1445409773&Signature=c5C~Y4z357EmoXDRAmm7jw02G6pOqaSPqPui2zLtp58HFFihkxrY1S4TblG2q2cUxwqNmHgwcxBl4ZhLQcc4b1g4~Rlmf2iATw2qYc5Z6dY7xKrXbdZzTQAAy2cQrXfnUJ61fcqfhc2gneuvOJSogLOwJNGvHjO~oWjeb~Ssk18_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1476147015&Signature=e43PkJPLjjSiDeLICYE8A6gNFAIECq6US1-IwqRWdgzUwIb5~daP5eSvy-XRDQm4E6SVjX6AyJIvR~btAU2cU0dc05h-Jzm836HUtv2EUViYwFh4fYuMZz1X-n4GWQEa5saUVFLDgXubmQpoGN~Rw7VEWf1jw4puKztIQfywQqM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_es&type=PROGRAM&Expires=1478603323&Signature=RTjbyKCt~R53EiR1tGptvYv8swg~0qtoQ4WqsiNATMpYLZA7q~t5ZBzYnu6DtvwQkBZ0ZRTIQvzhsowfwWgjO2w8cTW2smf2VdPvgSRyOKcRlgYFY35JGq~hQt24XcSr6~ru1zJ44YmENDiV5o~q7~2lvAbKuXx4Vi4n1GxajGo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1479396543&Signature=LxUz9iLun4oRCb5sXoyFm2wD5CNbELMzJioRgjnoPYprnvl30G5s-9g49Jb0UAoJe0dxwEZvHN5sILxFY~btBq9WXhBQmTjebVC~k6Kr0GM7aBWvizLUikbCa17eOxtOpMeBFGvwB0ezP15GL3qKiY6WXFxDEJVwAPh-8mm9Btc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1482798268&Signature=KTTifd7Ek~34fZH7q03Z9vbN2fPd44eHjTNxOAIF97cGCTnEgyHVkSbmjW4oL8eep1WrEM-6PrMTaOyMYwI5sJwIPSlJ-6u7Sr~sFhzS3U7CzmZor706bdMpSzy6wF9S6wxIVJj7E6TrTy3UL93r-QyUeW0VYwxriyU4Kosv-tI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_br&type=PROGRAM&Expires=1468638259&Signature=eEKuu3mx8LHa8CXmAzORp1t-kmdj~UeDoTxh3Tf0H511BQnsYB8enzS3Qz0YNRirWDXkvYVI0L8Erzt5svekJD3rv1dDUmJPVx-s6Dpb-SfdPMcqtlJY28wfeZfKkoAVxOb31kC35faBkuv3M4vUSRGCORmL52lLNdPy7rwWm1I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1476922887&Signature=RLuFLu3IIL2B7cnMuGpBIxs5Ttc~tFgZtO47prtnuYA7zdPHSJ~jZHss7tL-RsJfKharyqMGTTqCahT1WzFQeFEkFBAZrLt0OpwcGO5dRULYG6uuGD0rW8r9SkeM4ZU9vXUvRkRg-KLKpkL7PdHTj76e7rScwkIlhG1q3loj8b4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1477944620&Signature=SZ5qOETXrVDBjLuL4xAGso8ZrkiMeNSpPhFJ8007a4j3mngqelNMVTgdUIlbR~vNRb-QMRBazR4GyMQfj7P6mlBaGFt-amQjl4iv8CtkXZ5AwqOdF-ZtpbCPDHOJzF3-Z7PTMmFNbVBSyLgWLchVINZcrYy9wwPGbfS9tT8OprQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1476381641&Signature=biQcIM5ZpoBBNGEs6nT4To8-jn5lo4pJGvt9fEvOyDDxu9ywsyfAYIYFalqDknI5UEg4VGl0HMqYUwwFxG2Vl5D~7~x3UFsuaTHU4eChFYFs~G6AVGHkAnCL7ZjVOkzpn0f8wCA8PaSFdnHYfOak61VNtfVtBut-YEaV9bbZHn4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_es&type=PROGRAM&Expires=1479965787&Signature=A0QmWbkSQEgkPQtYcoVS-uFJ5Lu6Bzl10wPvFRI3NrHi0fLj5K8E7Iyx0zKvtIfvacmVAY4FdDFnECZ4SgBMhg06u4sB6vFCLSHNTSFPhF51V2WrL5sJzTqbEDrF3PUnkA7DBMyv0WzblP5mqlBOZtuVu~5iJK8twIR6ByvF~O0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_es&type=PROGRAM&Expires=1479792983&Signature=CnCxGuSjQDEloPA4Qxlbq14eKOE~y5V7MOvJ1jMZ7VBncdget4J9kaXbD9O4cxfUAaDJorNBbxYhVRWezNkPYeZ9K~BJ23ieFba-47WHltY0Mh4g2ZY-Z23kVLnwKqKuZv0JO9u4L~rdIxPwnv8aS1PubJN1sU~0PYmC2w0kIew_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1480431105&Signature=bLHjFSaij-IdQ~twqg6Xu35jPThqGSMDM53x76uLGXfJQLiOS2vQDPYOrwehZlLrN6iAJYbn8htfsJzWWYWTsZDuSa3obiLbGVxMBXRUVftuazbxN9OK3ACvTE8funqR~okZJAMCRcK-p6~MD5Vl1OaL1b6QkO2mnqHNRnXyMdg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_es&type=PROGRAM&Expires=1440997907&Signature=Bxd8CzI2MXw20YxMfAT58n5Aycqyh4YbPPfmpAJAbLeYGg0Su5tANO1WqxSeE0nnrVnPX7CQuxkJUp91kkw-n7zV5668XhqDqADMg6a5qM-V6GoCFQEj4-qDUD7d2pnY24yIJoox6aQZ6~R~-xvpA-zDrr0dfgU7V8lda~ndfpQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_es&type=PROGRAM&Expires=1481860741&Signature=JwHMiVoJTQTnAmWVYBKOffuh5Z7o0C-rf9~Q8Q~40DGohw3IP9VQM9AGGpUADMwGk1CT6XJ4gYFyXO1qIVfA6gf7WyyIkYhUSzTRR-CrXgQAQ1ZhmbM5Ewth~gQpWvx2n6iQzrRChE5iDVkZFztHBtfm094mw4BGldSL0fJyA~I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://down01.wxsrv.com/descargando/024/6886/pixsta/.../pixsta.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1476071108&Signature=FqM~XLZnPDyFxcaf1k4AGX8TX4yzwsvA1UAdq4Uj2o0nxI1u0aDRCgH2~P9aIJ-mPJUPmsnbNYAOWEkpPo-RnioJi1KgoZxO0JMH8tjJ3KXmMyBArDIafruryaPJQ6tc99mJoQWBHtTtBTENaVf97r4h9cd2ncV9dmWP5zZiRTo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1477468513&Signature=LEg6kfbskHuiq03fJRCYnPjCiDBhZE0NnVh2s-jLkfwVBvBUbhUaXuhnHgJvSjYZJxMkZG8dXkZFefci-Sdf8pzVvqjpGBn31UQFI9gBBMUOE~yvjVMerQ5QDwYlvbgMVOcTLKqZJ6KlGmjII458O4X73euwxiTtB~CwxWvNSG0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_es&type=PROGRAM&Expires=1446019272&Signature=XKkYkr41UrxBzceJQWY0hUpfl7ymYKTErzjqWedXwvKgdW4KldWkpoW-5F4qugWrGOnhmTbW9QBU4H7x-4RXnLoYVR9KxPD3Y5MHWHMkCn6q2wLWDNGYoB3l2N~xCPzoWormdd4dyknAA-e8Gb9a6MAwTk0OnnKtO~M0pGgeFZ0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

http://gsf-cf.softonic.com/98b/003/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3341168&instance=softonic_en&type=PROGRAM&Expires=1478400612&Signature=MhX-Ngm8kuclLRll-rdf9GNnvplwRx4IBYUuBOwJNX3qSC971cuJJXwmFWpo1z1RXvzIP0dgyBu3jdSmAk3Y9jR13KOKJjnviUCRCpzIrw25PY6DlUMai~OAa~emQMqVh0~gBw9rvX1C7EKhOP37~pFVh-ve~NyD~L0G19bVddg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Pokki_PixstaSetup.exe

Latest 30 of 98 download URLs

Remove Pokki_PixstaSetup.exe - Powered by Reason Core Security