» stremio_setup.exe
Overview
Analysis
File Details
Downloads (19)

stremio_setup.exe

Lite

Quality Install (Fried Cookie Ltd.)

The Fried Cookie installer utilizes the InstallCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application stremio_setup.exe, “Lite Setup ” by Quality Install (Fried Cookie) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.

File name:

stremio_setup.exe

Publisher:

Internet Web Software (signed by Quality Install (Fried Cookie Ltd.))

Product:

Lite

Description:

Lite Setup

Version:

5.2.1.5

MD5:

31eccf21e4c54a5fd2c4d9e26ccadd78

SHA-1:

738e82a7ba5c6c87bfb1b0279ee8928dad65ec74

SHA-256:

7a991b836e443c5e4040d7426de5f177ec4692ca50fcfe1c6b0f53f0a9512a77

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/16/2024 6:00:11 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.InstallCore.FC.Installer (M)

16.3.2.9

File size:

1.1 MB (1,115,824 bytes)

Product version:

1.3.9

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\stremio_setup.exe

Digital Signature

Signed by:

Quality Install (Fried Cookie Ltd.)

Authority:

GlobalSign nv-sa

Valid from:

12/17/2015 12:55:47 PM

Valid to:

6/22/2016 5:07:45 PM

Subject:

CN=Quality Install (Fried Cookie Ltd.), O=Quality Install (Fried Cookie Ltd.), L=Tel Aviv, C=IL

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11214C5CC912A574A2582BFB6F780F00F102

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:KPf8SfpPLjoSHysWVhBvDGP9hpwNJX/8D6bZ6XIKgawcMWvASFKsTI:KXnXOVjGP9DmX1bQXXi6vG

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, BF, A9, FF, FF, E8, 5E, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file stremio_setup.exe has been seen being distributed by the following 19 URLs.

http://www.2016delivery34.com/c?x=1EudgMi IN42ICKKETL1o9Z1O383ADoGYTsjCZULt k=&c=w gEq6rTU2Za9SvNXfy3QAJ/hWhRfZJsHvMXrF0ZiBdCXL/pD3W5mxeAsUmqfK4lcVcEb0oC FXkzGVUNEvnVxr7mJ3nzqC 2CCCWjAgfrhpl2RQ02t45isoqfklkET0jW7RMr 7k9jaiBVplmtJX34Fy4HuiqobOiufQs/8M4=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=Hyya73 WQjKY51rm9ZI4sgxTb3DY2f9OpYKddaA7p w=&c=WcG2ocjQz7AuRyvkkLLxEzRimY9S4DZbc2czhNnMlVm IADLPeAyFd0mFj8ZDpzWU7r6505oZzHmpvH2EB4g93M/7M/YjtbkWOZVgdeZ957hNCxHbdWrntiHqmV8C0vgZ9X0dFuxcmWPuoAjPg6R8crC4YGixxgu6vGBV6M1HGo=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=okv/QeYTrMkiuC60USKn//4LVdaYStxKJVuiOeaTUcw=&c=abir6o3YhCe0G0h/Lk4I3bc0eKmfCAwgRw5YbxTqF4qLc3eO0/HJKYS4N1YDmJZcwQmhxa0GiDzaI8NUg4JusnazjqtXh3xrdHCfzpUpUJMfFYWHcM8pxu82s5gbRPnYrte61Qcd7AVxYd7UOnWJQhm3uWrha4xUr2KZCAKbEu8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=CZEKGCrTnxNi1zhjuQza2gBWcWBDhSrPiI9Ny7y8LhY=&c=skaRZSsJxVvIS4YV0aInWc5FjSYhHyvEHgHj5JkgCtwexTl26dAkP20CLLCQdf3Qkcdwvyd5Y Y1sfUbOj/ZBHXQImv0D/SRLd6xd5j gdwK2QUxeVLvDgomfZtLRqIpQnT htkkkJ6xQudlOClS/9DwgrP/KoRLoMCpUzlWVHY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=pyWr CpE3aowBPnzLJ/bqA0SeChXWlygf16Tkf2hPxM=&c=b2Xz75K0df8OehW12XBINOB5xoJq m4QgeYEVru8E2YzRzIenyhBG8gKs qSkPCIhw96tBKjMM/vsAi1CfEb6QLwmJY7 Sv00V3TAvnRXMZ0wF5Roijl272erpNn7BpxXPNQtOyjboEh1M9dRsftvZUKROfytlRfXHmgyrDdCAM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=TsQUq4QVm4ziNNEJGG7H0tC2y8ySRiCBbIKcrzrn5Tg=&c=YTn8tGW9ws1zCKeDESDfHa51X3s38kB4A0eq7BBrgQYosLnut4xiWAntmeSRLDUDKFMDkLw/cNSYspSKtS4r824870qHEqz3qViPcbM3li/Uf82ypV843SXALkl7j7fp 8VRcwB6x1L6ji7TyXHZ9YUtfy2fGbvP0x0k7B4CFZY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=rRF0F0pgwcCNL2qMgUS89frWCN1EiDY6GHJr4hcv3Eg=&c=S3c8GgNlKFw81XRkr77YFM49OIS9G0V /B3OImnWHOa82W8Pd13LV3Wsj6IXMxvPyGJALx/ck7YTxmo9e/8PtoNJfR46sO4sOWip9awmPxpxL1i3gPwtm1bQv JoGbTyUPtI4SNeA3Sochy6lyzqri90xQyGxcxEQ925uowRrvg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=4sCtx pMmDKURjg1TeVtX1aUCKBI4KhnrwGCnkxuctc=&c=IZFcYAvzXKB8 mVFu2bol/9scAgUdYPacjCyA1LYPA jkUL52iQiLpLidQkpd2f9JdEPSRFr61cHxlujafzVCHM0ZWJyyH5hjWu2bkEfdXn4eIib6HtDXelvURLee/hxmB3rgbTHwrMiLAZR2KE DogSh3fLohvLrK4tbUHIzTo=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=A ztdkwnKYE/h69TKgMF5Qer j5emAYclLuBsOVV0qQ=&c=DxF2iEIsusAWenh61J3I42fPzVZCfMCz3rPZtb GGsfnPzeEyOTyL/iGt0jAfl IegisiukGdEDfEwqh576XSg ZEhrGs6ttbuS2y6pYudc57ldE/KPSiyfezKiw09BkRjFRC 7T a0ctjchNjSKXbMZlSMbbR7kuJ4IwT8iVVs=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=DHqvpVNvNpeaGm5pSq9TnFvgMqAo/c/vF5F7hJrsYik=&c=Ay5rrPDnkEsw2yf3ZOY6wfcTLmJxOB M/KfOV0hnDetu2jp8EJnhkTjKew4k0bYrAI0iMlnRe9LPay6XyxSKWoMSKxVEPG0OqRL2CIKQgZneAXj7h6VJ5kiRtvSCGfvn 7KKgt 6N2hpgbm18gw0cEg3Sa5udhEZL16l PwblQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=IFIAy6NmwSe7i5lttOul9ORjNOflXiJQ9GifcSqfysQ=&c=ujxFPd icrwq7cKXZA0j3ZMiehUr95JvcSQTAn8kZBo05efFStogYo70/fa1zythzDUCFY1OZA jkS0qkyN/TQQXhhtdNLgbRNfal3PKKjCHB8iPCOM4fCjFuXPSBeo7YGNVSaFc8irH1lY6uf488fxkJRIrMpjFYLg4vkbE3j0=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=TstREgqyjhg4KJPF57xqHjNxx9isbSVxMhqlf85KIU4=&c=3WaVQ49L9HfZhTXBxotO/pDfT0t DmAbDF7/CqRIPuBMrWl6xw5awX0bwE6mO1l6WsrrrR6cv1DUUKq4yOSFP7gTl1gfbok WFl7K4fvv9WpIUE3mtLnh1XDSI0uH6fitEcpnWPdHrFuuoyu2pBMY5IPVtOAg7bkleVyFQS1DcY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=GnTxyakcpAqy2y/wSBtnQL1pae r3FWEGlhO6JYjVfM=&c= tptwFcJ0REgxJ1Dz/uyy7dBd4MqNDSb/CzsJicdoUTO4gR9BfI5ZRBKll3gsK9bvAVaM NRHeBifJT7A0idAdkZQFQWZhhrZnAgfDApIc2MhhZ9R/LoZ/u/Pod7VOeuKDpEEOlHtWNHgaGOBoizngpGB nlLSInAv ZlnIKu E=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=dgOvOG4DTZ7jT/DsV7baG/d7v1YHkLHvJZOK0nlkvAw=&c=XZp8d/gJInq1o4M89nQKeMgFZIxswjAhjITa19J J1CzxxWwAUKab1YH3tv8FWQ U21nOlupIgkabhfaGrimhqiOIX1xwns vjamyLyN6TnOlzOd3Os0UaHuQju jJ0HD/YVgVfJ UIB0hku8rPwJxJyuYiSdwvuV2bGN8jBxeU=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=KcwsxFLo5AX8WosQNRBBKA2ijqDLx8CogO9/Y6sHK3E=&c=iQKgySzbM9g9DYJFv1h6J P9l2sd6W7s/JEHN48 rlMrTuwgOPzKR/aAMNCX6F3lpQoDoEzsSUV3at02mcIE4TzgLFdk3 ywyNoiergGaG7NFH/ewZoC6b3ysG8HX591sVlY/fduaiHdmmw24mTP9Ad45nfFlMMxPZeNUdwgmhY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=0PxsA9lx2C66GkVM3zIYnnjZLmsd5wzmyk9Kh3C4snw=&c=RMaReYvYSZJiWUY4jczhRliehkqWbj eFIMccI6R48fNObvKdP0rXA5a574PSt6OQpYPiUaFsjD6xwGaSHAe7AVcDJd9PQ6je8MoENZjTzTvEVgctHSMPxEd7iwcTxYpQKmzhiey/fGbGl1hjWg hQm0ue4IKiBLUKdK4okldiA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=LCj8rbJj9 Zna0GxwLpzlTCcBac0A8VwWXuvLVGJEU4=&c=aMASPTs xo/15s9bVpzbgWDXaJ sAFGja42ydDfjhENPbHNoEzKn0b8kdoHaGxg1WY6VQet5ljqRNRfHS aixLrmkZ D3ApZ8wm/1bwKk0foxONHjJ5NuNNg8JAa0hs4okFL1x3gKNSojvahOITSF6Fj0N7qQKoqG2ilQaciqYc=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=kBd9BccYw4KGdYwoEn8PsWdrkWyj3MQvUdmL/sMYzrQ=&c=F79BbA8gTAt7Qmxmr4i4Ts2wbe4 cnb4Zg4laNIXQUbQ25oAx8btgUyI1tZXk9GtIW8j WbMFyPj/TspATmO3kXAFUOMderwFZIKVrFLSqa5zWSIXezogS 4vKh9Iz8l1TLJtaxCONCZfYVzHn1tlky69u/1RuwqeINdddEyRNo=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

http://www.2016delivery34.com/c?x=FQqFPmtXZ2jsY u gFVB9pjmvcAx0v5FR9dtACl0IbE=&c=i7YroF9czDY9QIuRyXo310FJLe799JUOewywK229ljsFlAz BTU uXImzhrb3e33iWzI2z/fPOfjVg9I4Uz8zC0GJpwMegevRLwFLuZjUOsE5nKflAGzt I ja6sLSEOBUyA2R9ZQMSxa73eewPywiST38fZVxxOFOBADwCnTxw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.7.exe

Remove stremio_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.