stremio_setup.exe

Hetokotaf

Quality Funnel (Alpha Criteria Ltd.)

The application stremio_setup.exe, “Hetokotaf Setup” by Quality Funnel (Alpha Criteria), has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a setup program built on the InstallCore installer engine, which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.stockdeliveryapplication.com and multiple other hosts.

Publisher:
Quality Funnel (Alpha Criteria Ltd.)  (signed and verified)

Product:
Hetokotaf

Description:
Hetokotaf Setup

Version:
3.4.4.1

MD5:
db4a7610e79e4cd4fd5ca6ef8584d540

SHA-1:
841d441cc5c210947d88f5c8e2acac84c1cf2286

SHA-256:
50fd3577fd97eca051f54bbfb912849c5074ab408ad2e1007621df6625450a2d

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/15/2024 10:40:23 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.InstallCore.AC.Installer (M)

Engine version:
16.7.5.10

File size:
1.1 MB (1,136,432 bytes)

Product version:
4.3.3

Copyright:
Software

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Common path:
C:\users\{user}\downloads\stremio_setup.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/6/2016 8:30:27 AM

Valid to:
8/4/2016 10:03:40 AM

Subject:
CN=Quality Funnel (Alpha Criteria Ltd.), O=Quality Funnel (Alpha Criteria Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121375EF70E495146E71E4ED38C778E06A7

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:6iKx/ti+lHBWCg4vfjdJVthgXhIbvLU7QVfr+Fk6xcJ4oBWYy:T6li+lHBu4vfxthaqz+FnxJ

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file stremio_setup.exe has been seen being distributed by the following 33 URLs.
