stremio_setup.exe

Habi

DeliveryFlash (Fried Cookie Ltd)

The Fried Cookie installer utilizes the InstallCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application stremio_setup.exe, “Habi Setup ” by DeliveryFlash (Fried Cookie) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
DeliveryFlash (Fried Cookie Ltd)  (signed and verified)

Product:
Habi

Description:
Habi Setup

Version:
2.4.3.0

MD5:
f2ea9f65eb07fe2504c9a4b73479579c

SHA-1:
2b698e5ae13e914969ddf9e956189cab263ebcda

SHA-256:
21faa88edca38962c94c5a76b46a2e1d50dbdd6b9af0993cf20be2a9e48443ad

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
11/15/2024 7:18:37 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.FC.Installer (M)
16.6.5.16

File size:
1.1 MB (1,150,000 bytes)

Product version:
3.5

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Common path:
C:\users\{user}\downloads\stremio_setup.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
12/17/2015 2:19:47 PM

Valid to:
6/2/2016 5:19:25 PM

Subject:
CN=DeliveryFlash (Fried Cookie Ltd), O=DeliveryFlash (Fried Cookie Ltd), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121FE9A11A10286605B22CFFCBE758C366F

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:N7SpYEt4DorgpBb+d7q4l30b1GWBQEfzdLdXUDY4:NOjtkwgpBb+d7Vl3w1dLxAY

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file stremio_setup.exe has been seen being distributed by the following 50 URLs.

http://www.quickbitspackage.com/c?x=kam8R86tizDHbCTrgEAR5k63MZWrUtVS0jseLV6U9xY=&c=FdGgYK4wZe5faXipSGwCxW5TJxzHl1 w7aGw17hi0dLTA3FoR1neAs7f9GKDVAByweaxyOx1awFIiSZkNviwz dKffUt8DO1SYqki9xZ9UXS1lQtnFu1ITV/D4H3Rd0NKAxXs5sfXRHnB1iWSfDzbWivAVlR4Qqs/AhduY3ALVE=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=9v81xh Unxuk6wL8AdpBVQ8VPkJNErImQX4zeflx/28=&c=ZpQKocsbQLgonFgCrNGUfCy/hzOnaX085AAbK56GexvAPHNRbc2IFr0BkCjF4xAHAtLSayG0uOgktmueVp8kNXLFIxb mFdfEkcGrnT7nQLFbTePfVf0z6hoDbGkAe3pj5o9ZqSQdhQsKy tFzazbnSZKFEbO6gMT0Ak76fep0k=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=8XAfb/4bpenCJGBcyDYUVj V5KtLDM3MFV8YeTYIkMQ=&c=WA3/Ncg/k89wUXN4f4LTK/aaPSLMj0tVctsV6GDzIAr9TNIS7L/go fdMGN z3eEI2qXVngNHewfwChw8kGNw5tzMtkmyA6tyZafDFMZ G9imIiRCVa2HSOmc5hUyYKNZ/lYq8J/yY72sJ4qH8jOH5xt6dp87ApcK zl8KzG9hQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=vjm88wQyDr8irjikZuwEh9Ms9I/KEu8XTOJdrLmr3ZE=&c=dolWnZ0t1oMyrCbQ8aA4JiOi6kGcWjtyGz5m5hzsewx4PflpC0mIGjV7HnqP39xPOCIr0l2OXBOuWIA4CEj prH5tGXI3NbOIlDOhesnPYiRctlZUuiJpwws1bgoP9p8ktfiAHOzuvH /4eQYRkugOa/YfIbG4EBMh7h5gvY4rg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=dpkGG0bTZEMFNVK0m0mpT6oOJXmedsWQwq Lvj9nLKc=&c=8hVdPOWL BGPzRSSFJXhw7 o73u3OwhfBX5gNDifnPh5OonDBA fgZmUM27 6OaCnmhOGPnwMtfDF4mNAjC1tag8jfRw1uPhJisHo0TbWxlvd1SzHVlQjR/u8juZCXQWFc8DDpQ6i8YayYUsxp3nhdePJnkgLcMpm7LKzmdr1PI=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=JnScDUjr13D6TySMVvEaSnPOFnH5fHBpeVYS1sNCBb4=&c=8IjeUJdo8oonKpmxMzDhdT7K92CmOPd43ypyA17dmvrKj949ROY8kZgfCSbNZ 7icwAGqYkdxouRMpMogtfFJAwyR0ryfC1gmkhZO4bp0Aj8dydfQL22vXFuMAgePxsrmsCdl 31nSBJls2LEbnBmOfj5H91R4Ru/RC4PqDCM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=3/ Zlbk CpWi8kN4 rYN5CbpCuM5xAaO2OxQSWE71g=&c=1ga O7mOknfPR6t8BohUk8OH6QIr 9E0oUpewB/EPf9/Yc1KjBt0VexCcBi1yUp5zURven6RdMGt Bi2mFBu26BVwcwzrXbAwfUAEDdFmQJ2p9zwahPIx7FxMrT8fSR5Z58jP6Jm8Pm8mWmGBUb8ppiLYrRGkfBVwmOZobWGPdw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.conceptsnewvaults.com/c?x=C8u686i4UvMnlAmYgOjwgbcIiQKpAr0PXa6RRBMgow4=&c=76ph8MdfZ6j7vZ3AaiZh8Bql8U/9/ yVQgn24rGYtRKuS5799HbRPvfwef1X4SIlqydE1X4nlNFm 7Ob6OjRNzacJR3UILqaVFHvHtt38m/HAKdXgEcvZTBPSl4qUoUF2KnDrvsNFn98X4WolkslqLAF3wrH3oxCVap5bc4qRGg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=RLRPdvS 9w 4CSk4qbNezb/6v/I1z C4zHxJSHAG9G0=&c=DFVe65gIUlUXAjocbChdFbfuNszNNmPlXFnQB78/BFeVCn7zxe2nLboeInnVh8xotYGGUfPqM0vhqX45/y3mywwMu5gxEITOUIoKgE5xQkO CLGVkMB4nZ3SYCuFTceZPxRBWW6kp20HAoEyh C4TGulXPA6khDtxg4NVXBv1bA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=5WfVrXYY5 a2YD11gs uWVuox0r60HjolBLf7sZicwI=&c=ZVFkHqSpZwy5Ie6GOCy dSwCV9k96Fy296Df1/vAocQxlw9Z2Z2I94jHzz/b5IKw1675G8 1QXNeCE8dFwQgB3ezRjTL5V4nKEtY6eOG2HBLI8ine3gRv4X5Ld6DGQ/SmW4HVesgURhnQFuX7eUb/BVXMfTyghTYhduFKYTmMg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=RmeZNVOM3C4hdVJibTZfPTHLQu1UAL2vGmKn7k8eHhw=&c=I2YnsTXez3cWc4bBBzhl3F6YrMY16mxHyUfl9gkNJX/lI7UWcuM7gED812eWr7Q/WpP9A6uR8pf3EqRQruy7wb8Njz /2GbA3SppvJnt6JVo8IH54BF5bW1lOF90CxRNL5zZpZ1DgOo7Jb8Gzs00C6NB6bHKj5JkNpm3EWws 0I=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=U7fkLbVqfczVoZOpoV7sY9HMuFQkyg1hbFCZbXN pUM=&c=YAhYJHwPuhjeKdxLIDcNFg3qp0uwCMXR4J/DWCI2de3VO7CYdIPtnhSOgQ54mouNDcdbMiX62LLW/BAcRgRmbstAKkihNJDSz02APfFUbf4L0rWM15xFyery12 2MWfoCIGca0sFZ/hgcON5Ok2967yn2YG/O0jU i29w75OI0U=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=7pmGTiiMPlklckRoi6fipRcNFwrieYtVFL7OcV2ni5k=&c=tKUZZbG8oERlm3SaS897WVauVsrwk0ip4artk4dOCa6BoZqot5vcP4 ARNOEF38iVRZAH4jaRA1L1bmYlTECv8Akd776CTmtfKuX ANFufaLWcnIH1dyxr5W08i rt32aU5qlM108NbI8lyGigrq6KZE6L9680kDbGXhajZXoT8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.conceptsnewvaults.com/c?x=jRQDwMejl4VTa0aV32Y/cCZxtuMFwVlvw73jFlJVRgw=&c=plsde8awhKDi8tkNicqbeJ0MNRmpxGjN5SMX1 DE/v40N3cnAeHLtxMa8fKw/O5gDyAwqcPUfBFOMdZDpu1SW 5O09BVoZ8mzTSpHGHcRovOAi9CXuU5cY8GknfAzj7eyuDdaLJGkK/pxDdAP8BL/6qcLMPtqY0QYhpw1uWhpgM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=ArB4MFiZGbTWQl2AE5bDhfJvp2PHf27TI43hQcgvj3Q=&c=6L4 dAoOLX0nwnXNo5lyOGr9iP/j NUI 92WUJ4JO56aKxHout20jVeSN0x 6Algf8bjXrwdnWfr2yBsvIgzDStEtqnSmDduJPYOfVJBIHCD/AGyoxV9NyEw/QDRLnRD gq7RbRl6MZ E9QmOpAnqT4xJ80CRgg1km/Tbl69nJw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.conceptsnewvaults.com/c?x=wJeNMOeMAhybFBU16ZhtH20lsHMKsfYnEgxpNd9Z798=&c=jwIKBUSWHbpByd8ZxrKYUGdB0AIpZRJoiwLTwSxML exyec7UauuHlE hdGpzT/6o4xa0qTU0BJ/LM8S6xn9MJEwLZx YW/ZevGXxr/Kc=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.conceptsnewvaults.com/c?x=gmHmKxBevQUI1QpQCBb6bwyO1zqggJdaBgyvVBcm/Gg=&c=CmmeZLaJg5QJwVIMKISLpuHh7KGtsZq gnSeeYvttumaE4wuAOxx4c4JrB /vvluAly5CXUt883165aIQ/oTrHNe cM2l s6Q9z1sXnTe g=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

http://www.quickbitspackage.com/c?x=1Jv7msFdjzHp4QXpvqZ XoMjWxT8T5vLtvy1zOUv58s=&c=qzNkhL6fjqBNvxERnFv9UpNue2im3oE6QRK1PYwEYnntKprJhRbBSzNp4jbFDaJEgB9eff1o61MKyebn30JKRrmeBKr4gCbtV38f0ygPdWgXAwkJShLNOEgq9jxKmWi bJ YWeiPKY4sWYY4iLuZatQxUhNH6szmnfDI9Ai8ygw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.0.exe

Latest 30 of 82 download URLs

Remove stremio_setup.exe - Powered by Reason Core Security