» stremio_setup.exe
Overview
Analysis
File Details
Downloads (44)

stremio_setup.exe

Duhot

DeliveryFlash (Fried Cookie Ltd)

The Fried Cookie installer utilizes the InstallCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application stremio_setup.exe, “Duhot Setup ” by DeliveryFlash (Fried Cookie) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.

File name:

stremio_setup.exe

Publisher:

DeliveryFlash (Fried Cookie Ltd) (signed and verified)

Product:

Duhot

Description:

Duhot Setup

Version:

1.3.1.2

MD5:

43417e94b121653201a5f295f748ef80

SHA-1:

38244069201d3436d50936815a285e4bb6c9f284

SHA-256:

6f77bb44f6416d5616fa6fd37390ce97ce424979ba0e96a2d13cacc76d010b08

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/16/2024 12:42:14 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.InstallCore.FC.Installer (M)

16.3.21.19

File size:

1.1 MB (1,180,760 bytes)

Product version:

4.3

Software

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\stremio_setup.exe

Digital Signature

Signed by:

DeliveryFlash (Fried Cookie Ltd)

Authority:

GlobalSign nv-sa

Valid from:

12/17/2015 11:19:47 AM

Valid to:

6/2/2016 12:19:25 PM

Subject:

CN=DeliveryFlash (Fried Cookie Ltd), O=DeliveryFlash (Fried Cookie Ltd), L=Tel Aviv, C=IL

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121FE9A11A10286605B22CFFCBE758C366F

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:VS8a4+CVjMtI10V7zT8fK7izM+tW+sWti:VSGVo0a782itWS

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file stremio_setup.exe has been seen being distributed by the following 44 URLs.

http://www.2016delivery34.com/c?x=X3VuxlPEo7hMtlgGcUj9Xj8AOlkLdhGCPu3y7SCPjks=&c=6U6tRGvzKvtKiiHp8fDE9Wv67/7SoNK1uvYjs6AOavDyaWtr jZip8PzaPWN5yfpNx 3eAjFSzoYGJ3ESkwaqr8AwSXZoGVy UA9/T28BKteEUSO3fDuQOOm2E1capvRYCjDZWM4LsXDjkIhxGVshqAu6rIYQvTTp2BhIR7Pc2g=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=jNOcUFv/ebcZkq40dEqtRwowqTTKqpIWiLuaqpfklc0=&c=mw0WCOnhszgLVli8oPEwFCVzVo4xbyyKSigfDSMfZeVLXVaHiR/Mv334MKdzwBzDgGxxOZFaYU/OhbP0WQsoDzXjibjIu7bZdecYoFaykQknyB04MNEC9LD7rfFw4sVtZFi9fIkv5aT1KT4XUwZzM tCQ3Ybe4CGdgd8q4DmtCw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=0b IkYcsWv3rkyuBVPCG5NuWhGV7Uex5b73e3FSGxUA=&c=XugQTKrIoF7yJrvhX5ghgYfXfeLO6fCIX89 Utglxiq/zvK4vNnGecxZTYUFNFnAenFnXvCQuCI15kSXaSjaG1LN3aoWKfN u9qrsJc7XyXLk6YEgmu8yRHJguBjYwNE2R7jpPtLxs1M/f/CQSHAlorYPG/5E5MSVqVg2NXFhts=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=N2iMMg2OFnJfYs9dF7M/uNt4HxOxLv1XFDD7Vp1lCPY=&c=9mOIdRJn9D6fv7zwwlkupI8Q65Gx1jTHNUmkyFz AQrrD7wIKVmmvykXZMMIBEGvamoLC/6Nl4qXSgKYcwWVETmCWfmB8Q9Xo bbO8XcgK6TwyOaAx3jZiFGpU/qyJ28Bss59x9Ag0OhS coVOK8rvoEok2TRXnr3TVh59Ms9dE=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=wcKM9jJTt QE7PbNCLLacWqCpOZjngl6ZeF8VQQ Sno=&c=YFXGdN58/ kbZgYxaqMp4l93CQGN79HvuvjFu/YvcSuIJpQrkIK9LW/LXBsTO6WPJiNcwF9ULJIy4Jj7ZyX/l0adNLaKSQ3fPUkv55Dsd5sb6GHANZO3CvBvyYZkwfGC bkOcj1nXusCvl r438NzXi/UNkck9606AfJqDw5Sx8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=8s1sffktVJrHWC64A6MDmdmrHAlYWgOMm2QMC 0cEMY=&c=sfV7NVon13U8am fPigRPOA22GntlOKoJgnOOA30UtniKN/aGVo1h2WtuA6DsNnJ2jrtVchv3Bz7wP9bQxfSbPOk1RS12wTiC7smRaiWBxXWAq 3gGeKRhzCh7RuJSqIE40 x4A2iVplUbRVvrZ9f0/trXschx07AJQ3XX3KNWg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=qtVnu59TOev6fG5pz0UxIZXQ6X TyfEPcNSbYcFOZog=&c=v3HpOIVxJ674nNziGZn93wa3asTrxnl N3tH8jw05iI6hM6vs LMuyAOK Q6iZWlUsLuI03xxhP/QuYMxlfRcmVeWWPJi8b TCXUHl79dbGkIoTzTpgj9IUr7w1H5z9CpKitQkMQG0iKXQ5a45Yd a3C/fvpFSRduaumI1TbpuU=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=kP/DiMPZuJoiYyCQLC4EgocFBfGCjjAyOsp0xPPfagM=&c=qKL5IZdwnWF3CJDjm3asDAnpkDYY8Q21kqr7WNebY2iivTiEEJFKty7Hkpb73ckMR0cXHnE8xJZMoXSWeix4TC47usppXl4gIPBK41EcutnDlkhSoxJuagAOZOY9ov/6GI1OsOMg9jSaXXgYxM1cCpLvbSt8OdFJHlnZtLZPgc0=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=O1Fzkr2LdHg 5vCT 4IfAFb91PioNY/UKR/476k2POw=&c=Vzy4kCSk6oYSv8fkfh/iEUQJCYrnD ISh xgqYDsVX HqwrYq6pbCJ7RFSnjBykp1ZJg7ec3PGiVa6g7KpDZ1NaDO fdZmf7wfT4HixqTAi4cu1tpYQWV9CcF1B1eGxPsq0510J8KMeom1pTuZDLDYPOfMRJUCgwgms2HLPEJQI=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=MKBRIx7sx68kw7pxsOenVIOiY4/QLg8r43IjI1TPXmE=&c=gUaafUfOKa6yflHEZqa4Tubg0bmb4IE3XIf2U4hLsXxKokpJ6mW/OUxZcRKCnBo2dCCi2GVqA4 Av/6tOcjWzCJj0kIzAInuBONuiejwrT85Z0LsoEJd4y6NFPTXhOwLBM3nLWbckunpRPzRSvQD PggXCGTrQRSwokjcG5hNJE=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=12Pk9DHQZVls6Hzo9Je a6OPdC45FPGgazQLYUlgxGY=&c=JipZ8oFJY6uQI3vNA/PMVI7JfWL4ixnuInrdYO23uThn ALpJbASVJPfYJAN ItLzR/o3hVfvErCXnl0B8rorgyVyeF3lX58UAfDSvhckhm6ocJ8skv0jt1AQpWNB7iEoxJZ WKH0AR347CbxvVG9pV9NN 0mC9RPMocyuGjli8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=RWRbQTL9KfLIVwNmilEMaXGecFCoaxsiwZS4DdZSuTU=&c=vY4 KkdrW9bM58ny2yBbFhGV/Vq 5L dDpv/Mij2vU62AzaCkOQr0NxXwd97UnXFi2F2alkCAyP3PfDpF8hNG2M9K6uYb XuqDS6Dy3R9oKFDK5njBLtpbMD516N2TD6ARsqz2xdHhRU9CHg6ued8pkqMbMaL9 7Yq9TI9FGKg0=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=IWlo8xXx fmehwfQiXMJKRgfR6lb0 AbQ HKWEKcJp8=&c=MY8NfvrK nE6kKrTnI37OC0Bl06iWZPNIZkpx/4Kt/8PZcz7CxeNojhwoRjXAUJ8STZZ/kCJesQaDUiIwFhfCbo1zDeP8IKnS9aqegTjH66Ro839o7wBTnLB SgpU5 jhRapalIqbxY/7h8XgTfqQ a7xgB9uJEZubepf6qDD6w=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=GfcjAZE15Tya4OdISLb K5uFGAh3MxOJJ1r6BryPF3g=&c=rXDhmY0KtlKZzCqa54oCAfXfCCg8 5xTZwg2uUEwKs15xNIKfgPEuDKRexxatA6KlbdNX3rEG1Mr0G4ED2COxyTu/Cy0VuRl3vsYfc8mtVKGLek3OLfdyx7UXAJpkYcqF9/LCF1BitL7wByzi5uMSdaKCKeJCxJbd9mXl/s6Rlk=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=SdvNuMHQB0uzsaH08GoDFcILgpFSqAzI7kU5i LuAMU=&c=j20sVRinTFhxime8KURXekWNcuypx37aEDmEWSA1ZnNqTdYzx72dJ9PsgYPgRIDSymtcDbPDMc6ZPfWbKUnE7UBvMKYtjbJkSjjxu9ACBjEUcG2fYEOAnfqB8n/te1X3em24sMIKAGCyo6Azpodrbs YZGXCuPj3/7VeV051TgU=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=gmqxFNaoidHhxZNoTaK6yyxtPlbAhUF8KS5SGOpk0VQ=&c=kcdXjyO1ES77/v/ZlAl5BWb0TCSP xPFJiR6/eF/Ac/0CEsP3wErgq96m9ZADey2QG2WkFy/LJEwG1qCycaQcJI9DJ rx2jde1LWiu3EqAacHYGLLRTE 5TbBj8pBrFcCibYrVhJ6w5UI nPEU97 pef0LpIFJRY8jTW2WDYO2M=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=tyVIdra6hZGEeUfU6mH9LjTtbyDHdSvyyhoRAwLBkf8=&c=zlUyGmmFhSFeu/xc7vvcpAHccKGUQUqZ6x 7w9uwxomjRd7M6XsqOfLdWtFjpObIH6pwWd4J6A9aGA0GEFfz4Z0NBNwFEXJvF q7eHCSsSyDOXhQy0UM500xIpabk78TjCmC4gtg3YMma1hGCY3TF /iAKgRemaCTOZln1mdxrk=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=jIF5129lXJ HwuIkk3ukQOkwh7iItfvQ7J0qMoN4Z0s=&c=NWxcttat8wWdkxp3m3SzRxhIz0pUbZOzauS636s1VWAR1Azsdj1MpkmMpbM7TqQBHFnVwxsTMvlbSqmSE688hwuIGZpiXzHsuE9ZUyLp0pxk2xJDwGwf0HKytK32S8p5EwCHJVU8HS3/4zgq2/F1/pzrAyID/51zx9VoiHeCNkg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.downloadstowersguard.com/c?x=7no3/py0c5SjWkDZDN2Ox3epk1dafrs/Wu7DD/GiMnc=&c=eS3szo2lR6avqoAvwe1bexJ4E7tx4tdyuEWEkiIAN9U4B5ZYj9gUp0sX5BE3M/5j/ FkBga0tObdqQAjS74x1KE259bvTUyT7pIMMIascdgEv D4xG0SasJq5CiKeIEc2sHawxMniN4Xkgsr8JOUXxIQGkwni/2QBAEZz f6zWQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.2016delivery34.com/c?x=t9mllZUWHNmnGBUtsL6QxUkuiyz/1GeQJRn4OKFfDPQ=&c=X9KESDDkEmXssPRLgg6rfXlgBhCawHanQD6pztk7HAluVM0rNO7T4Vp0hOXmHQmeDeGUW6xGnoX78sAQRiNXRp6p4HV2BPMn2Op8HIU1xCSam HvowVtx2THX4vUiQTup5ZpWGDJ0K7U5hYq75qkOIc0v9KWsog5g1MKGV77DBg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=3IFcYvZWJCgeaF4HC5iahdGTPGN6 9ssYIDayHQYIns=&c=b/TmBir/rLztx0lyCByYc85gYHPU5oimJfWQlIn nBVQR9v7zDIw5r6ehr/lEYKkkba84xzQFn7525xTr0oxcVqY/fW2ek7AGXDuXzpZdC4sJXnhzf0WyRwqRnCJ9wHUMidSioREeIqhs31z/AYQUFSdW/jpMOBfIQtLPF0mlDo=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=fPNjNX7HsPHGMKioQOvtaYR9Ym1r3rxeLv3eH/09oeY=&c=pTVmVXD5trmew9errgnwokbT4bWgs1zlSpeFBjFUXfw9LrEEQ3kdsxrP3D2C3seWBOTwss5A hZJhMfWKRYMYuAZi7f/H9U3lv 1qFaGQmAB78dmaW1yFL0bSkFMbia6jK17ctLzTdaegPhdMQ8kP3b4SJDW7RhIrBdtu8jtrQM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=sGkVwmUU4v8FmnSmTQWbr5BVd4QeD Z DLwYng/k7dw=&c=UNOLgKq0mEt0IvXqOLgzWCuVjg4VAnOp Ns4OmYbkjhFq5FxA6LQBBC3AzMQ8hEi pJ SerfVCUwx6gd2ulgMTQDg/UvpKd5m8jCzPZ4RKoNcjazh6wF8Omwrz/H0b9qUbcEIEZg1pD/p6y/VIcajnrBwhKhDzbTj3kpM6mE/JQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=IqQnKUE0jSzqAycMcIL1umBYTaihOvCJ9cm1blFUDgI=&c=wyXe4O7 73p4570SeQWK/ZgCAmZfWe0uD2PO0ftHE5pXuCDI9zgecWCAThbqqXdr9FdiUTE6N6Tl20za/bFTqo LrHMKJzMTOD40DcXQ/vZqTbCsSkJ9rVaVgmmD nLAZ pN9lS7AkZO65/CcTxibf/l6fUTWrq3RHYKLkB/RBI=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=29Kh46424GI84CeFRTc8Qflz1EM0yBGUe67KTq65OL4=&c=wapjvmEza0KLPvYmFY/C45dDUoEnsaVxZy FtjFqOdbjxxV4AvQi7L9skAk4DXWzIs0/NPYsVnalu3FrVSgs8ZM6lPmWekPIeedrBpc8HknARhSRHS6iOhIODwBdAflkZDGFlQ CwMOOKcjRLAj3wP5Xiil c gOIUDVrLlrd4M=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=0iqG/h Ho/MWbFrBpvPa4Uhk72uRJUKjjzPEbfc 2xg=&c=I3HYWbKgTwnXL6zUXCY//PNS ZQZW8yJp5rm9wncUaifhHXtsEs/o3urJ igkoNahD7obOdE iqItCFDasurRY/mtNolgQLgEGLv5vX4OWfDO3rcrorsauP3ZU/Md61imOTnAN3qxMItvPccbjZ8SI7JprBQnuoKu9Z/ZRpt12I=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=3ftJNAfnevGpqI47X7NXZioEc3KV/m2hYvm2xtB8YxY=&c=F1AD3Cg2RGlI/H3F6NoWs31BT6AjMDvsQaEczeQi2yAI3fDgNjYR6QwAyBzDdONbPQbH7Iwk8gTCss5Qz0bXdNq27I3til9cFfc64GO1odTD0DOs5UeZy65rNmY0rUjgZlIMdMPEomUqqwwrg8iKZJ2YWcBYBBhE8l1E0hST9tE=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=rvcYHNwHww8GCxvlHQVMG93xdtF/froAbkxby003OlA=&c=Hv0MHTeIqYKHvUVmR1j5r0/4lWzoweR/3EXe6g3YBn9scNW3gdl228RfIaryZ3jNiPEJERCWDlFNHS1CDAsXaFrukV3959RHO4YJYdLFRpqt7izwZwd7Lfk2Xz eu2LLXvnTr7iSsv1bZ7XdHDKkTd 0CWb/xwJSxue8sihkixA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=xNYbSZ12KGPXFxNHyOwjGfKa kKp1b2wpcjqIjhT4Kk=&c=qT3fJnc2lfANcwYJTXYlHtFGymCMcgJGCXlEEzDR0TQInOgrv2nCYuZCe8MBfapq8v80Tfq3mPcyYwGzBhYbh5JnguCNE5cmHJVGC27AP6xz/ArvLU3NVdaeIqInclCyW1VrEs8M/5mwPfIMScQ9PmKQW7UPlYUe0rlSQ/tBZJk=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=jSUpw8gYqEc/GW4PaASsRnUf8mP3Baojfr6ysPkf/iE=&c=mtF9FLeqvkLuJAOUR96opV4FI49p LrAl2xPnsOFpivZ7nSJvWL4QiyTULOyc8WI3Qrf xgFzSpMYf2Wiiw89 CM1pZJHXOlTOjjxlHRJv00g8kq2/i7QWHf5ulYdxIt5VpauRT4U5JJ7NREoinNm7mAs9QxqRK /odJB2pFo78=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

Latest 30 of 44 download URLs

Remove stremio_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.