home

stremio_setup.exe

Pecuhi

Agile Delivery (Alpha Criteria Ltd.)

The application stremio_setup.exe, “Pecuhi Setup ” by Agile Delivery (Alpha Criteria) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.quickbitspackage.com and multiple other hosts.
Publisher:
Agile Delivery (Alpha Criteria Ltd.)  (signed and verified)

Product:
Pecuhi

Description:
Pecuhi Setup

MD5:
8199d3bf9669fa63e6a9e4fad2f54b86

SHA-1:
7e4e9833087cf49e170a790057b2f3c6aa928685

SHA-256:
0282468d0826ae4e3e5dfdfac0d20c6add6b3d24723d4bcb4ffca58505d9a741

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
11/15/2024 10:34:38 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.AC.Installer (M)
16.5.4.17

File size:
1.1 MB (1,141,664 bytes)

Product version:
5.1

Copyright:
Prog

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Digital Signature
Signed by:
Agile Delivery (Alpha Criteria Ltd.)

Authority:
GlobalSign nv-sa

Valid from:
12/16/2015 7:23:29 AM

Valid to:
9/2/2016 5:29:04 AM

Subject:
CN=Agile Delivery (Alpha Criteria Ltd.), O=Agile Delivery (Alpha Criteria Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112167FD2CE27007C69C69FE47CED0A20713

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:LupwXuZFswHo4VdDQjkIWhBgPEvQHmw6nGIn3lryV1GfLvE:L4wNLQQjkIK6PhHm7GIn1r+c7E

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
[+]

Entropy:
7.8929

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file stremio_setup.exe has been seen being distributed by the following 50 URLs.

http://www.quickbitspackage.com/c?x=/0uRIKP YgTGnQnjdoXUp/ w7AkqhLXhsXiDfo3qARU=&c=LIpyquXHCcjQm0vY0Dfp5/BpF/htumFf6CqlaauJ73sqGHsxXvLcUK7V1k01r8M/sCcKsDTQxQi7JBxORzwTg8V0TQLp1qJb7a60M8vcgqEyvrnM5c8im mjxtVCOzbxMDfvwZFYSzlNmo6fv76wHXsuymnD 2lwMS3UXEGw5OfjP JvEiT4nHriMt3/JKo&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=mCfTJqMbY9Kw9tOKLNuPbSDt3wr5KP01kVcE9ZJyyBA=&c=bWummr0Swk9nILZsXxw2Y7/Wpc1AG8UjUOKhK4dnhH46TVq40w35xE2UIVDSR0qlWWq/qOxmlRUb37p5IQdAE/C3BACfq6fGSnhu6wh3pwoNsTIeAP9iOig0Nf7iFm20YKSMAshfmu QmtLIaeod15X/WUZM2V8OfB U2gxuGKc=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=2YUUoEU6axCuqsaisiK3cxnUzPCA0Rs514qnnqev z8=&c=YjHgoevFs5e8MPCLDF6g7PKJmnagvpxwF ivJz4L1twfAQVdAH3gylFgbdIPo/7YSWrb9OlIHXTnvuWxx2PxFyTPauVa9UK3thgwP0cSRXlNEWYWEBGpgwI2WWe2HaeM8Vgy7rzZZI42WjG72kIwG/0NwD/6gZ5SYoY9rUhnidnxilwRWtrS/oUL5hwEFGwy&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=8FSAfZo24MgEAt7KCAgdl0U8oeu6Z/OffAO4IR3EIbo=&c=/XuWytbnJmn5Yx0wGxAHcorky2ZsqPoH6TqJYIAj6WMsvACh6x3sURENG4AmbyZhW6rAg2X57pq5xu9D74dLLVCruggsQwaVDF08dmxilTo=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=MdjsJRC1eBLNDnIUEVqaWz2ICh9C1ZFbiYWrHN48sj0=&c=GoruLCqrQc9mxtSfS1Y2FNtzGNru98zdr1DkY7KJlTBUvltGucOk6GbKDmICD9E3VWrEPeudhfMoWt6s0xRjbUmHDb5VEL4EeDtzYZKaiuexpreGEGx2vscqIZBzJt4oIbx267rSTeko7wfM5Q83rVXObymAiWZ9rOT51dSYdaBBEcsAnX/nsvygLbLUNjz5&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=uRmvpoGnbk0tMYUm8cxy2nus1hwyU F4 e PuqwleOg=&c=NLT3K8eBCeLtsRnExl8VBOq7GY4KYRTRrG mOSrGAgz7/vIVtQBiyoYRgPBzMl pM5z74M7VaFA m47KFQRAHhZBsjHMcU6l4JVMQTAPv7LE84jHL8pPSLe JMi Db4hpcoBPJgvWspwd EIJ/ojwYSqkEs6qf5zi0yFl9 JuUXLgEZMYGXRS6TqXty0slQY&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=bauI5EZ37NE6Kae tweUhJjeY7HjeECpfMoL6UQ8Q1s=&c=g5MOnYILFffk9bvFHIRl m0q pqAWkQp2XUoEJwq2dASzNOE2dVELhQQ5 cR/proCBZHV7pdP4x9JybF7GTEdaNlo1c3W3cqjJHTDOjynNOacof6sCyBWWDDc95V4bp8eq 02qPzBpCimrnySi5C9PuKp/a HGivs5a5Pn6nom8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=XvXO9T Hut38k/aVjzOq5EybXHMSIWqJTbT87guQcfc=&c=EB/O/L7Mlx BqZbIQncHOzXCLIkS SFGSejx6MLGa78 f9Xf IKIc8GSCYw2h6FK32HyKnG2Cc8bJiEqjRayO5GhcTURgrdgzXlQHm4ZM4jQ2Dq25QsMmVFEHxTWJwGwigng LcI1aSoeH6mjifXxJtmbqlGdxuLFjWTYnGFqzk=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=ndxNe2jDjT2tDwwifbwguM/uFVes BY bBBycUT5O9w=&c=n0XfYiE6jKF5xvk uQOrtbbtR0YRWYe2E6CTryOd 2C2MoXZe5sCVIeKoN IfL8CvciMBF7ThdtDZJGPwCltM8bd8XExKCq/eGDwVgFIwb6ONJQDK45WCTBonnQvaiXPMOhtpA7oKRW3BMx3DzvPLMoFhJB5uI1EwUcRUKvNuyvCdcjOUZMtcOZo8MYNbKnO&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=3Q2e4OcP6c 0DU6hBvgd8nCKrSflgpJB/XrRXa/Xl1E=&c=zVRCf30D3zfA7F7dBD1Ad0BhIIztyFMeYvzv9Yq2HEH2RNXPCRsiRMUoNJczF KuJP LhNCKDKYFjdCyWp/3eg2nTI2P6GDpGg/aasMrqYiCw7urJiHVHYn5IMxVLpBfbYBXKqumlDFLtn2xwGmho9apGeqNiPkaDaZhQ4sJ8bs=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=uvrPUnUO/DLYBDTWte1IsxWPT8nQvY7A RQDmHIFse4=&c=KN0CNy4NCVnmkZR8qMBLOwV0dxvYPChJCHaGAqOawfDpZD9VkA/QBrNvmWw809kFCUtPK 7FiVsxaxmnCcgtM/XZJguaS861uiaJflDhREIxieTgelsSeo/NLFLTDUUzQnAymjGcF6S9RqwMqLA5buTRYjKI2Mg0UYzHLq psj8rjfYKZk0F4CqkIG31o3iF&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=wxtHqZQITvHZaQcb7K8CAebc0UznjZJTThWtFU2V5o4=&c=HZyefqaw7HqTUT4WlDwoq 17qjVJDxHnGmkQL6WC0k9AzyQ8FctC5WRNN0h0ZxPo3JYOjIfwUuxcAbTgZIMYBa5SgdOKBrbWOmEozyhD1mNlPrPL5jdosaWIM8gXDNu3HJvl6rn3YssiKyFVx4 bhgHsPKrePfj6RIVaSVzyejg6o3cB9/CgssX2bvhXH y1&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=Mk1Ct6CUaJSfQx3kqJRHcTEu4/RrSd9N5GTj7s1TUf4=&c=kL4v1sJS90pBbUws6ZDSXQmIjw6cosA9uraaITC4rYpyJ3w2qOXjKZOxv/5Wqns4oUNPfZSXauUfQoJ39NTBxSR1kxc7wkhjnC69DVaDR70HUBXdYlKiqM18MbDBHjjUzW8m4o5dVOAjfcvoELdcbJHj/8C9BL4ggBCiFmy3yvM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=D8zN5vLe0o4S2V9KI284SAh7TnLmip0I65vbJjQ3Vfw=&c=PLBtvLnjfObdx4v3lIpT3uNPdy6CLpEccKtrTAmX9OerbCHSw9f78cmZ2KeEuJOFhON69QCnUSm HyhHoewmwKBkk9mgfvGFEmL9Q6cqre7A3yIZ96r8RajN62Bge YeKQqWkiCcXuyJGFYfHxfVsmm1zzewc8rU bQ2H5eIrm4=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=ebwxyPf/TFU/yEhbIPm/asXIdrAyUz8iLLpi7uA0Avs=&c= /OCDJOiBEERSWm9kwonVKcXe/LMOwupHoxM23nmPld7stx0PDPb5rtCULeMDeKuG6xpFdmoqaaAUxd0QWSR1iFy92bgaOxlhLch5hlXw/JND5 9lUkpDAFZ Rxl5KtkJ4Ryj4Nv1kbnammilTheVm0fCisu1YWbWSvduPcn9R6u1YJahoSQkjyidPs8GWPv&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=NJ9zbXYfUZa1Iz ICjdf/IFfPe1E1DYfildC5vs 7Hk=&c=xg7c6hkSq6x2fJ7Ag ENN00XwI6NZYb/ZBf0mZ0ZlzvXl1B6yqutifTx5kubyd r5Rg9JQ/DMerDhluyVeohms5VPGzwFPLS1TFnj/7b6Gw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=lwXYXn5D3n00mSOj8hRKcPUCpxXUCSEMjwVnqcWxTYg=&c=Ydd8ED0hF1wFRRci8 66AumDoqKDhhEKf3107AWExyiR QoNpklk2RpPSGfFDt0DKJYsNDkJ7QuE4eaDJXodfUevvmDilEys7QRQV2Sbkcyfu0Q6fUQJ3Nsz7oQ1IC/9bXyuj/W39x2h0Tnl8AETqv78KAfj7Q/Me3j9vapg9hCjMENpDCHwRZ0hqn1BWUef&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=nm36n ynvl2QIIeC5ojUkFs x8nB3nTuyIBXqyTua6U=&c=Nw409UD6pCAW8jOFoIDGeITkqVptBM5viuLX9zVN2yxCNSTkITddb49tBw4rcx3RrFriqXZ8r3gm041Bs8MeGNZ5M8IMchsTQNrKyYwLxCH5zKVwi2RYP0jQ7178 e11xdT0NAT0gcyAPWvATMboWVhKdBOarNQT7SeNLcNbgHZoXyLQp3a 7M9z/UV0zfTc&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.2016delivery34.com/c?x=eov4iaIKSQot20QlCE35J6CrEhycM3UYROPZBELli6U=&c=NSZYYpVKK9TXMOC15JHC5DIr6V2nsPg2CpfpT/xZPmt2cH901/8zMWFDMfq/MiViQiz0HhXc/ziNa0Wg4PoyTl6huokRFEicRWWeX ViOus8QwPqeW1hfjRWElXc Y/EIr FyT4LZE1N1pEfdtvCQsitt19GXoYgxO6e6zucxvo=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.9.exe

http://www.quickbitspackage.com/c?x=7EK0cllxpP80WgWw7WPn7QDBLmuKLbfcMv5hWwA OcI=&c=G2ICU9 jxIv6rJWjIDn4ibfFOW3qAQULmZQH12GbBYqXn2fsMm9B oQ2Y5TOC49XezfHD7ZTorNKhn2VxM L4bLEwKZIPJnOGwN7GSDFhZTaFp7hD GhT/zWrozGo0hmfJqL62TSt0/VJhjv6Cngu ftOiNRopYCLlQwunSwE8g=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=gRxvp/UTvPIRAgt sCqnCeZRpS2jJeIepy3NEUTJqpQ=&c=ywjdeOeYBPsX846LLB8G3tPpKjaMnvqRk97gVYe2kKykHxtXXMqFTVyAuiu/H/mnDTtQlSPBjcFZmQI9yfblt0K6d/utqWSiQ0aO0eFvU5xqVgY4GIauKP QS8F Qy41jLfMQzacnkhRTP1K4pswuSc4yoV8LV108q8wcNjNN7JplfjwQLTmloxb/SqpFI v&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=wLPWRjOoGijM1AoEkCsKg1qIJD4gTp99eBL43qqmQso=&c=YpStGItS7jN UX5IGewjUMFNeGH8CSV J/m1yA8fZjyKshua9ao 2YRgLtS8XzPXZeapwrZ CGjtiX65bLwQ2fxg c1BuS4muWbjCdOitcBnDYq WJxMT QQWhqowlk/h03bXln/44O0mDBURcadnJ4lekX2Z/EGDiHWiX bw6g=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=PRf8DwaRyEfPoTYEVNsc1Pfb38zExmrjPKn8MiKHOns=&c=C68PLuxlv4YpugwIRBwNbLzVuSU7wp1jmdpsjq4KubD5bLFkE0ktOkBW1An58o8NylwMNK4JcSnF PqXRxOzI2lXtzTCe2pC3nXqdwB1PD1I66o5Or7itXjCfWZgSA Q7zJd1U5m 5kn2115 E/zrveWZkvv1XAoDVVN7/GdIZY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=5UcBIA0zGQL9exfZtqIj28slzKRm8c99CmPDYl3jfyU=&c=z4ht/VtlfBdoBPJLS8DAQM4uvFDp2U6r7ghSHw0y3 QRiTPNlDgPKCgv4EECgQVrAcmCjmCYahevd2FGyNmVM2Kg qzeErNnosxuY1Up94hFDuFviEYJB5i43AEUFnbBi48K8RSAXpj0PGeKS12BME roLv FLSeqtpq6NAVY7oAJJxJ1qz75NNzunsY5EGs&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=9gjrmAcQk/gR8RlNIWRFcTB KjBISejfvkd12Omt0Q4=&c=6Hsr2G1kz60faT5Y6HEFz0zzhAZ3xbO3gkadkfiPuRyo8ES BTzy2gbw1ToynJIFeODPI6lK5r4oOzo7W1oHFJshunR11b/94llLSZPmfaMRqLNUAv sGmrlprcW8cdwJVjq8ZbtxIjOcX/90uIUvWYgQ0nUkLk3cfRIeWWDT7k=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=ggSea4vn9DRpvsa5HnExf0FTRxrGcWRtdKKEALImIbg=&c=9Du90ZecZCk4wocp 1i2vI1 rbL3ZQcGKMHLeZ4IEhKqt3fsTBZJLiZv4b0SQjjiSxIIC33fVZVhoqPUhajYCNk1XQu38rUDAIH2Rles1YpsyYqiKm8vbHCXSJVgAs1cjWkcxLlARVTFQkAx76zXmh9mjMRHYK3jtaTZ0oGiEX4=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=VMOFZYxOpYPLE8xwRnwFg 1o/ ZmdBQuu3H9Szn9bdA=&c=oBM1PMduqdf1FFzeit2dAVZLzkRDBPTj iaXChcA6p/mol7FUSUiBiKWaZYKHJEbLbXTcJ6T61GT3DwKrmnx fOpCgSzxpMIM19Y0 Xc5dTTsHY35nZKUeM/Zd0bTu5AxZTBjEEPg5Y1BIzF 26U5ky3GcoLIakic8C/78K8bLyW/IO7Ny7xDhdi hdorYiT&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=uk0povaClVay3SeE24aXHJ3wA0X2mxb0cvc1tvw4MAc=&c=gKpjD1nD1MgEcneo2LjDysab2xQSD J3j kpjzVfAF6mcXNW1UfjlqX XLpQbqFW5e QhSYE mAXfYryXhLSg1SwBO6VMyoH2jUAnOtJqTcjCPxMigQfLt7lNwr6JinzxQ6pmnN7ERaPOCu2hXww7BGA7Li4Fs 3QugyOqIwUts=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=p8/cjj5pXGiqfOfMN63PGH35tAXzLNiXXk1LNRtCeww=&c=nkoyVh9MSPKWSqT4VSXkNkpLqGQFxU64VQ2bjU ZUOBEFlmpZzmAbdVnaBr6OkVGKdDKVKQ0ILu5rggjv im048C7ZqJM3BRGyHw5JIq29ZqCEQUoS4ZQa9FVfInqfK2GxZjs5tIZZM2NT/kH35Y17ajNLtl6YnGxeN5B SetDFWCJsVyq56PNskNYe5Tx/e&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=zBJnFU3x1LW436ogzPZYar84ycCBZLCi29ULgPyALyg=&c=0EFK GhTnLULClDf0e0QjPy2fRjgfd5u3pkbUpeMchF3og6bOtjfXkS7kLkSy8LE/lVZN7E4kSyiIOCYIiJF6hgQ3HOWMhCI8SelEFZV8u5yp9ANAhcy7pvI NigWwis3MZTWraUNrGkvbiPA6YXwI8WGHgH 3amxsbZ3FjORLo=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

Latest 30 of 151 download URLs

Remove stremio_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.