stremio_setup.exe

Makac

Agile Delivery (Alpha Criteria Ltd.)

The application stremio_setup.exe, “Makac Setup ” by Agile Delivery (Alpha Criteria) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.downloadstowersguard.com and multiple other hosts.
Publisher:
Habe   (signed by Agile Delivery (Alpha Criteria Ltd.))

Product:
Makac

Description:
Makac Setup

MD5:
3ac387eddf12f4e0b4101d8b52300a2b

SHA-1:
5943ac4c33c33acc5cb49081ac33646b012cc119

SHA-256:
06f8e3e6f6e6ab538d0a516145d05aeb7d539773b873710e97998789f05d898e

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
11/15/2024 10:50:45 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.AC.Installer (M)
16.4.25.15

File size:
1.1 MB (1,133,024 bytes)

Product version:
2.1.3

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\programs\stremio_setup.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
12/16/2015 1:23:29 PM

Valid to:
9/2/2016 12:29:04 PM

Subject:
CN=Agile Delivery (Alpha Criteria Ltd.), O=Agile Delivery (Alpha Criteria Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112167FD2CE27007C69C69FE47CED0A20713

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:kOBlUJY9ET8QYIQZV9lawX7DZ6S1+sde3RynTYDk6+viXZEDMRyOxEUy:kOfd9ET8QYN7XNXXZ6S4sdeByEloiXZa

Entry address:
0xAA98

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 2E, 86, FF, FF, E8, 35, 98, FF, FF, E8, 9C, 9B, FF, FF, E8, B7, 9F, FF, FF, E8, 56, BF, FF, FF, E8, ED, E8, FF, FF, E8, 54, EA, FF, FF, 33, C0, 55, 68, 69, B1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 32, B1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, D0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, C2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, 24, 93, FF, FF, 8D, 55, F0, 33, C0, E8, 66, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
40.5 KB (41,472 bytes)

The file stremio_setup.exe has been seen being distributed by the following 39 URLs.

http://www.downloadstowersguard.com/c?x=Ta5wDcEa3c7F7QLGqwi1NhksE1UDMBnV6izTbZEHV1Q=&c=ZDB2UymY9DEVXxJ6 uAxP0M/7YX2BDMgwBvHfzfyckqnkFb/XfLCY 7yBjYnmpc506My2pzVZmUKOVtpLqipqkm2ltOsD27kghp65eGb2kzr5 tiaIf3ATl0ozLc4qA/Ud4HhreSva/bIuvZXoFzQu6k0n9WtcKiPX9f/m1HAlU=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=d5yiD6r9XtPbwT5ltpgumio2va6VrO CdYomHwbtAwU=&c=0wGGa77T4btoMFzPkJnolnsyVX6duOac0mf54SQUKxq 8CkydBQY4IWyfefEAB6NKm2 MXZ4ufW60aZc/wGQdWNZuwy9laIFmTaCheXTIigW0PuX4RTEtCAjBRXjjD LsvXBmprHSyafAYTdYeIsO PibYxDdFUXt8kUEJHS3hA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x= kpKx05HwdvWOwmkly7d6scBwOXGhYmUPzGFLDyITlk=&c=QnMgaGurILWnXYrkK1dQQP7IYQ9D9aH7QzhGZcLmDaR7kH36O8wJnkytq3rr9V7 5T3IurLR8gw vpHgG/0Q/k1d8a1SrQXjai4MPy2T55YmI5iQL6HaN0wKhmppFgzg0bE9U6gyjqMc6KsteSEymUJjRTm XlhBkuI7zmU1Cq4=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=oItuqSPOvaVcCE76NuZlBSQnLGG8cOn5drZdMdniNK0=&c=7ZcLEe4Fn0lMI7fS1UkHmfHbBDFQT1Toa2OE8c4AWkNIDq4x08SVXIGbM5ndlLKfPxm1mCC4BIsfvd4Ozlvkoq9Hclxefvu8V0/pXbRt6QMgPU3kgU3HX2pQpMEZVcz8lAasfC6UOd XLk0fTxk43txhrdriqmMfM9Acxw5M Fk=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=o8jLAsw3CMy76u0q/g9bHUy0b3jPv8mFHftmPQWdv8Q=&c=4Urt2a1H79cowTjencGBJv4lDNgB/Cv1yPR4nFOV0B5y82j7dx4EsJxedmfsyBGfEWU2ZoCWVx4HyxF9rirLRwdmL3vuujkGWbucpBOghzc=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=x17ncop296zznakUx/37k5wjhH767OxNCj9n79NKeaA=&c=RDUz2IY8hgUtvoYO0Ag6RseR5Mu3szp/yhpPgdt4271Tsdrv PwL5Nr/jaFrrmUF9YeUDY6Y3x3corEWkflp95BsHs2 6jjDPcWiQmUbAucxX0I1 e8dG157xCqOcKeZD7bpNBY1V8DkZsmmt413basnIgfN4OnaIzOQxbrgpY0=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=NiCm SIN CSldAHcmaQnAaVqdP6P7 6A1yMs1QcMASs=&c=rZkCrr Ruv0mE28Y18A0uKV3PBKCWKPOQGIeO1w5WBfH 9QQ/mLvluk8v/ ST7TU 1exalamYHeUk8wXG1CUOjAD12PtkgOjbDWdCoLpcOhiArnGfJxKqfc/EjQwqEFKl1/oHI20cvPoEBiI21wknYEJP2tceH1oriWO 2WJkZM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=vYo2ywsQV4gnMDfpRmjV9U2zhDKo3xe9zENzlbnxxBU=&c=s8Jmn7/PM40mqhJ7iJH9BtyUzXhvAeR1oWc6mGAlOI5Tr9NnJIcMPYe4IYTMohGL83nkEniOxF/94uIsv v5sxBTF3ZczUzAWqs0HA21J6n vYb3tyY5Y6ERsutIyY6ORka94A/Htx/5XBJYxcqaagWV33e 7HEMNJ00G9Osp4o=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=IIMVNPYUyF530TTb0 ywhOiDdD39mejA5QnDmtJZZvA=&c=BJ0dG4ofQxuYH3LKRwQ 2abnbWN iS/BMxS8RejksUALvJldUi9Lt2h4vinCX8qeuiP2c3kl6Is91NcDSsaBZFRXajer8aT8efOiIWNll aHJge7jGOMau1rZkDHYrWBHobJOruGvvsQi8AOElWLA3XPfdSUQtMCEsk8jTkXQbbzeBfsV4LhiQmElttnInA &downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=aMKiF9H28mtvJ5b7WrolSAwODpNvvq0LevlBqBtLzyY=&c=Ot8bK20n2AGgj/PI8RMGkaZZUsX/yypbkJ8qGl3gkFbKqKRBOcij9wPKkjV/zc0humU26Gf0220HvFTkJSmlytV/cdwW9LlbaRwP1qGWgwsHZh7h MZLibPAMdyxQLLmW6cMCLRwxhiI kwaUQQHhheMuyRjOYvJIoRCZhejcTM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=SM/XpODh68s45WYr7Cq8fNjDu9Fk90TdD6VAYTWILmk=&c=gOQUQme1cBNe4fVcu7gMte1KNZpOTXJOQNwpOJzR67zLx VLyRn2eSmT3IyY4U 8wn0QaJ40xn5Z5Jd/Ms77KKC8dZj4jwDspdBn4zdYK 69nyTRsXmBZ/CB P 91J5T2F2I9CXmzIUT3kORxLEadyB801Ns4RC0OuDQxuAo02/qPj8spZRevgpdLiJDu2Cn&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=bRPntiGlf/hrcfvF4MpmSOyRGHoiyP0RwKNqZKjFtIc=&c=xp/3OKhBqsyAn5PH2Q64K 4d/NgKui0wC 7724OVr5NVkAk9FmTCOP27KVgZI5hkLMhL554tv2tx2BPtJnPtlHk7VhS3 8vpOGLC8d3kIr1hbEW7PvCXREkg1YLZz37 Qryi9tVJSvhEtEiMa/D9jxRu7ElqF88gE/PEcC0t1nM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=fr6sEWZ36NMvCaLWvSb9LtREKK02Aa7vVeZuzBHfQgI=&c=aACgbqE/RmOLtBZ6NlWHZGuqAAU9xkmYMqyO/avKz9BmNQDDPPftMHp3GgHvXjo/gggPcHb8EVkaciDL6i6hhZVEF7ks3cUkJiV1ukjsqDa1pKpg70r4ms5h4VHK/aR5J7Z0h0IftDuoe dMWfmiFOuBXSaWKznmCvjOI/ESSuWUp6q tw2ywB9tvL9OmWHL&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=2zs9nEU cxBbscboetq X6hXhS4MFlZ5g00dQ4AmLdQ=&c=D/alV7NZyu0Nx w JHBvx26Xio7cd9EhHg7hM5wMJ9t0tsqPjHBpQkZIzno/b7 L03bb5P8NSI0JIppRUKs1Ku7zghZky6CBaCEAaEOwjDVP21UJxPQruaajo7obrK3Nu4qNL6RPWLMSQ7HS/rEE2mn8VE49kHXWlkAVwWcb0Eg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=MX8jYmxoYE7Xdt9tt8zYFXfp/UvZL38e6v3HMxU ONQ=&c=aL2QOjBJehAdrtqF7ix/P1cdX90FjRbJeK8kZHLPPnNwqt43U3zBXEEAadP6Ejkq85q4 Pm6qJt6h697oIIBNSm8TFhMa8JwM7LMU5Z5g5pqDdAWcw3bt7lRaItxfHcAkb3qxlQWEjou8XfHfmaewbn1KITB37WpAQOxH0louKM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=8VTT/pESR82XHJRcuImiT0lTeEQ3a4YmcGD7NmFcrNk=&c=PEmMMnUsmd7PoJ4W6PdqQ9Td0rsYMJukwlXVkVlT24z1wZKWP2VInC/2g GDWM4/xeo5/rAAUn13M8fEMKDsX QXDNr2eN/xEzM3Fseye/QcDDilCEIUaXKyHR6YXGagM8u3kfgIU38S5U5v 8naxZhJdx592nc Ffpnj3em9iGSFln3qN5L5i1ZzHg8CE s&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.downloadstowersguard.com/c?x=4eE oy4ULTT7GujgtlmQwH5rRQWxMcC680r8PtDRI8k=&c=IFQ04Mo1blcdIKgDANzKSTc9wIt/6oQRfcKHDOKk9O/rvBc90ZTJnwRFx/2Q/Eo n16BbKjtW3904LLioTfIq4AmidVincyB38/ Z6RjPFT4OqvMn/oZzxySOVHm6jHEJnFNWCeBc0x5ePoClQsnCBYrnEzbB3i4FYlsn4APXsY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.strem.io/download

Latest 30 of 39 download URLs

Remove stremio_setup.exe - Powered by Reason Core Security