stremio_setup.exe

Cidu

Agile Delivery (Alpha Criteria Ltd.)

The application stremio_setup.exe, “Cidu Setup ” by Agile Delivery (Alpha Criteria) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.downloadstowersguard.com and multiple other hosts.
Publisher:
Agile Delivery (Alpha Criteria Ltd.)  (signed and verified)

Product:
Cidu

Description:
Cidu Setup

MD5:
ebdb655aad69d1c7b9d826bc3a6efd82

SHA-1:
58bc638851011b201326cd52ebca1eb48da7559f

SHA-256:
c9b8d699af88be0fd6d0df09408baeff320f33de596d92e3591f93d06d642838

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
11/15/2024 10:47:27 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.AC.Installer (M)
16.4.21.19

File size:
1.1 MB (1,155,024 bytes)

Product version:
2.5.2

Copyright:
Application soft

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\stremio_setup.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
12/16/2015 12:23:29 PM

Valid to:
9/2/2016 10:29:04 AM

Subject:
CN=Agile Delivery (Alpha Criteria Ltd.), O=Agile Delivery (Alpha Criteria Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112167FD2CE27007C69C69FE47CED0A20713

File PE Metadata
Compilation timestamp:
6/19/1992 10:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:UIqPNFdQOMjvrBrD1p97oKIg5VvThzOhoxNS5w53G7r5C5H9:Ux/SjvrBrBp97oAVv5OhoxN2qG7V0

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.8930

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file stremio_setup.exe has been seen being distributed by the following 50 URLs.

http://www.downloadstowersguard.com/c?x=X3Ofa9EjnmpaSJAFayT HXexrKH3m9kDVYfVwsgHruM=&c=2ZR6DdCrG G6JzWgH17WhkKXm9GfRBlRWrz7kzqhg6m7THupZ1nH8S0WAoZ/mmTcQY4y0389pHXUHBbQy5Q qShAsp6xNibEsTkus1KyYHB5gfIPMheamtc/PMRdMoruOhJlb0ZWa8A1sehU2xYqE8rloqMuQ AXC2qSRcKLF5Q=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=c2qWsKop5qVR ja21PNwZ5hlUF8cRhw0 fmPrLU7mi4=&c=pihIT5yHs8TV9vDYVw2 VNbtt2/vNt2/ h1Xbm8J9wKoOvWu1f4KqwwGKN9TKbWCgprRSQuQnmuR2qBBu1wUZRkVpTW64E/OGmbxLPnfdiv34ip7iT0P5Nj2GijzLusW9x3v8f/5oNHrmZ47GFU25ecUwlZAXr87j aHAeOSkAw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=IswU 9aYZ0Kv3BJ9WwCe7lXFCbW/41EEkL1FqCj 1yI=&c=pKmGq0b6fHeyAadi5K9np0owM23nkStdK1xBBP9FdTyJrcijaLuNmK5P6YnX/UlHwZAvUW 9AxTbJBAUAxkwlcsALDsx3KU D7eoXn/UnVqsEbTJB05vYC5WywSjz2KwFIvZhpt/Ge57uFCoXe5Zshn8uzDJgzEvBBKnP37uxRgDSDe8/IJAkHYbUqnGua6s&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=/6B8v3Qxk7gdcbqkSOErowXFEeoBj3o9miI2enzi2X0=&c=HF/mQTLB8qNR4CftoXfLIEhBLSjPOE8Xsu X DWYYN3yK7CKFKyeCF3EZfPK5DT/PNvADYZKTQ4 xkM01HXEAMkys3iJ UHuHlUyxqwjmp9WLGI5Aw2gS73QG IJ4zyr8ZSW4s3/o0FQe kVi2Ie0SoQZbpMWCL2chMryhTFbwEGgkKbWYxNcOCbooXHMs02&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=XIJZIw1MzkvCW0Mlv23hoXggxG2LY29DYxZakA8uzrE=&c=8vadpbgX862IWs2ZPpxiBuNmz75Nco5zLNQ8g6XNJeHz71Sy5GSSyVqZEOHa2s 1DpJ5zLoIOGsT r7/8SOwtYcO9DA9y3A5aFWFLBsAvP9Vk7kBep2msyz0ulw1V5mhYY4ccux5eZC/EIMbf6AdaVuKQ3x4z8tELCCAfusubztUQvPq9HA8KEjs59ueeWih&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=FFPLYdk6kqgmqtM TSU ALMzLstaa5UPySoXoIvfKyk=&c=9ggyKeRCvYuWiIDJD6vdf1uhZ1IlQG878mbXO imT9XIZ4fRLo8 t2/hLX9ngWaj3uy 75zLaVfVemNl w/Ttayq/DOYSdJONzLBfh5pz87X RO2TaWLjauIFBp5sW9bvGDk3hpRBcA8anUiC3iT9j1GtZKMPxFSeZmzQBRW0x9s6bMdCgAPMQ57V0hMnwZ4&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=23A1HNhRhELk5TvIuj2PbuejHTzX5RlTVXUX4kZuKuI=&c=Xpyql3AV MNL2HfnQLvdgFUDbmpCXqirPT dNL3MOxpVZdtw6es nNoJGuw0drK7zr24tSbxBFBu2l9afGWY5vV1kpLuakXyuq5 /NyL1eIQ2PvT 8Jb9fluiaPHhaTdaldRlIi4puPjK9pePRdKgJnj1mRIc0dgT0RmPkROXKdi0yV6NGYDPcAmYFsWdaeI&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=iRyEQy3gPeVMx2o3fbMXlblGQJ7kwKQj3smxnw3d4nM=&c=f7F9Cs37QULgo5CgHtDF7OwU/2j4P bqbZt0fl1PmNwXSSwQyYkmlSMiFQ1GPM4lQfBDH04O4OSOoJpMbOcRkIrcQtOTxcTtBj3EEDBkRl5/SRTYhzKOovfJota8X4yr6xBd14D0LsqBZvYqAVs1MXzR4u3oNPc6AaOFdHXmB sRfOoSYqUAQpOtDLMzqxfI&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=rGNsiGAPYQYI2p60A4PwlFiIJa MNKN1iMNx8JIlg9A=&c=ZxUs5Yqy1RWZJbv lmrxQftxQuDrs2o/Ga6vsVOj2q0OqNEdD8j5aegPQtmGi5zTzTUvFq3NytIyTHCX Ya4b eJO8HNHLikDuflQwLuD3U=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=7e7byLhP6LpzJqYYwr7GyNshwznpsUQRqUQ4rjEpGIk=&c=VRi31N8ThmfZZvHFB157USZ8DKCdeecf1sLqA6pX/zhx8YziIuy4VeXQO7b2F1958U2SopI7tLRKTDXesBHSgewfi6cdSt28VimJj3sZDX1lcwL8yezHfM// eqFcGBC7HrCM8xxStWh1f6QUpzsG2sNVX7anOd6SDhjDdpMmIs=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=GzVRVrUcjR3MnjubTFOGbMkJwtQ7glABx5xiDz1pxfQ=&c=eoUqXU73 7pX43FmKrQKoKNJ4sdAgEzfJiuY3kh3TAoVY3B5lsnv8PcsYVe7LM9sEGOrU/7cYcEm1qzk28INtievT5n/Ax6wzpHZUS9XiGVDk2t 8n/HxzvGvFWNc2R9qMF3SxxJ8AyWmYDdeZAt0 92EEuW6xU3woEt9wF fd4=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=HqrKgZA/IoW9fkOiAfaZAaBD4B7stEj6C1LcV7nSUnI=&c= 9v4ifDaR6HQyvtEA3hMAAE0qZXtZlPSXMJtvHFt2jMyCrJly tSutH8d0WTh5t5Z1Ehfih6Cm2jtRbmcBD1ChxcAXZ2N/b1dUiZWZd/vmukDx/8qpiUNq5ojjK39 Na5UaxgLgyI1QEYUCnciSFYGilafIp 44 l3t0mx/bM1//jN8arMn/AActJfihgcnb&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=9E34TpYm72GGiF5FdeZAVRQsol31/ D209QcTpRFv20=&c=zoCJqCdZceI6m6Q5n2ZsgwStSMw/nQEjghn2Zp1pKZnxkUHa22uKaDcpyDDrlJW/umDmbSyXonleI2NHow s2R1RYC0IqDKVu3l0cbVuh8r469O/u6odTWLE2xe2L7vvVaElvSCVnIV ywfH7Ul8YcdblyeZGBRw9fX4 4Xn7YGm9cc FA2o7AwGCFWi7Z9T&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=StTXXehhwVZsJzYFOKMxyO3aYJAq2oFmFyxpPToOBQ8=&c=neHnfrpAY7XG2J1T4yiOYvkCfS736/GTY4OGqL3iNEvTyVJYvStErIlrnEMR/qv8rWVT60UIdT4OVJPykIP8SuuAjX23bO1rh/fZ3fpPQs0=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=GSG1z/Ywq5iH2I/0NpMIdoDJOLWGvJ4PnW6WQ7f/c 8=&c=s/9lwZgPE/ Y DHiZX0cO6OEtHxF6YfHXU0Lx3oonbHk3FTEWjpmibbqdskOIIjiQp4QX3L0RpGdHIDoFit2JwRhV07Z0nlyeQQi9m7uSRh3 OHs9ODEliFejeySpygpWqpnpe89ml/OJAluz5QAYVkNtMyGn00Hn8X1H8ZALGY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=w7P5ffcrXIFZJhVVYvg2W9p1KFyWL679CKBGhU3FbHY=&c=fUcT8jskXWUOTGTz/NOfDkiZGO6dm1PmHTvI88OHtD780DOL6k4cJX wh9y4dNEk1fFZqO8yieM5Iy0iC1B1UkvxFlnhRUULC4v8QdXbrbKNbbhL AQW/UiVwaRZNUyIk3Z58WXPSLzt9JqIE0ss3eObQ6XLRmg hyz G7F28v1oNMgdfQ3ZcaOWifnnAj6W&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=DDFB/T7xTAGN8QcSHn I4nC8/c6fcozrJn7GuXupr50=&c=6JBAxV12xX7Hph4jdUJPh1bRv3nw84B1T9thJ 5fDrJ7Fwz2hHynsfy9NX1SrHYYO24OUybSeeaZAottlW/R2jJTU A4k//gkWc6oVhyiAGdOL5vgO3Yg72ATlrGXinOf8ldBafy6gzlQKNxCrQjlPRlSY/Eg/wCIK/Wp moiOM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=vVn5 Ojw0/LVQ/zKQvmcY5UX6ZO/juxclfSk9DP2pfs=&c=NG86KZ3wPi5kGpsYnkZAJlI7 Hfz1xlLFQVLDD8VIrSiFgIMQdbs8D vOAeVvewEbtK6p0REDtlGGtwIDvL6F0EXSTZu856dJ0cIQibxnTLZafY0onxL mtghyBFgjv7Ea1jd3gj6M7l 4rV0uobg3CnXndRZ9zLU73PnxYFPMc=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=907v9mrAmkU7/NZqrZHoBVEMa5QqneuHZExQfUJe068=&c=Zj7rnc7YdBdg00aQkRz/GIZiOvp9tiQWz8g1Q0oWHnI3cGFdhlPHIsJV4Ce/0/JsJMV67RpJfBRI3tOgkGrflqoOZyiA9qL14dV2I/Ek6cteSJVb4jzXM0z1RjShoe00sNoHVoq88MDu1pl94aSP HwghgkS8 X6wLZDxxgvEX76J5XnR3cra/jwfLE9QOFd&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=piltOvcMh9MOTJS05YKcQflic0ho31Pib2I0qchqoCI=&c=mZkyPdwH5cLawo0X0RfUcfEd2jg4wcXZMxWsZWOWG8vOr8/nn0l QrhFQO2bLl19OfCFdxJbdKwGmNXkS4rSW9gEFpfyQu v4COyft7NNpZ7aDAWFePXwbSUnbglTmAFajmtv9JALI7MPcqWcgOF6rrge1Sm99aEKeCdcyYKFg5ENoyHuV9f/f4V83S KBki&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=X32nO9XtT0cou1AZNBM3iPZKRzCHOP/ZKILqC1hPiVM=&c=00S6a4SLc77L//jU6dluqmJfzrf5qV5vGTNZF4984AZViwFuuK8ctpGFqGrqgg/N/ev0TjAKhw77AAjtpK95 lfLasqhK0rWNqPnY6jauT6c701tkVkswHizEewqdqrri9ov/sTyB6rlD2JX0HDKPZNpzz4/FfRfUzFBn6QTm20=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=1tAWUqkhhz5R4VfG8x7RU/OVNZKQdSruDg61MS6aJYw=&c=mnb7z5eimuwOUDSDQGsrLvnL08Yg/RcTV3OeQZcbDTw hMuoAEFZ5531Pq6qabfnr0LHhIlZpAnOx2TZ7Xy2aOlfOykiMl9YlOXwzoAEPxeFhkHySvNZzTIstFQW1Kh/PCTChstjmE6o9Rk4uriJRIBGweLX9Ga0eGAIe3KhNlE=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=0Xxx 0klHqIVQg5TWdMZBYicUCP3gmsWYQ9OQS5mI50=&c=3fwy86In GsQAkn8/ps3ygInLPzQQQqBe7SBjJtikE44TJE3nSvgwQEcpKcBdApcgICHCdeDxPeLI9iTl/Eu19ZOE0JCuUdzwsLAK6T0 TglnvxDwjZxsoqLsYI6oESadu7DP3ditCh1mU4lQn1egiY78/B0NK/m//ThyzMd5Hz75Nj5jLuvVkB8gVW1Ibq5&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=u mhOy0VNXRiEHxjCn7lBiGQLNjs8XsUAPyzGCQYk2E=&c=6cGeXcCpXLZ7mpxa 5T5PIQnxkSZkkdzHdDhrlCa c mkH6HblP9PQxnHF5KFQef1dN9kTfyd c234pMwVLgaQ YcTRV0//fH8CoOMvlbC nKMDO5I2RYOgaTIT6HKVALGx8Y5bb6MIEhkgnEb6DZK6LnV9xHuLyNQKWtOex7Zk=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

Latest 30 of 51 download URLs

Remove stremio_setup.exe - Powered by Reason Core Security