» stremio_setup.exe
Overview
Analysis
File Details
Downloads (107)

stremio_setup.exe

Tesesad

Quality Funnel (Alpha Criteria Ltd.)

The application stremio_setup.exe, “Tesesad Setup ” by Quality Funnel (Alpha Criteria) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.stockdeliveryapplication.com and multiple other hosts.

File name:

stremio_setup.exe

Publisher:

Quality Funnel (Alpha Criteria Ltd.) (signed and verified)

Product:

Tesesad

Description:

Tesesad Setup

Version:

2.7.5.4

MD5:

a8bc6b7a2677ef0e4a3bae3836fe06dc

SHA-1:

b19df30f03ddea639bdc70f507c55e972057857b

SHA-256:

132edd08aaac932774cc5ea062aff87a9cadea766e81e9fabb03b456c0bf1291

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/15/2024 10:43:35 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.InstallCore.AC.Installer (M)

16.6.29.15

File size:

1.1 MB (1,126,408 bytes)

Product version:

4.0.6

Installer

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\stremio_setup.exe

Digital Signature

Signed by:

Quality Funnel (Alpha Criteria Ltd.)

Authority:

GlobalSign nv-sa

Valid from:

1/6/2016 7:00:27 PM

Valid to:

8/4/2016 8:33:40 PM

Subject:

CN=Quality Funnel (Alpha Criteria Ltd.), O=Quality Funnel (Alpha Criteria Ltd.), L=Tel Aviv, C=IL

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121375EF70E495146E71E4ED38C778E06A7

File PE Metadata

Compilation timestamp:

6/20/1992 3:52:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:Pdi+wDknnFZsC8gC1uB7Dfy0Y7rOKySZo1taejQOc:PUZYnT8gvmrDoPaVp

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.8886

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file stremio_setup.exe has been seen being distributed by the following 50 URLs.

http://www.stockdeliveryapplication.com/c?x= n2cHL1eH1RgLZ8ERFJfTVLskVpLNkCXVKq3wdamMpc=&c=u2nbSUVZgLcVqPEcqaR2wRbP8951Zs0VFpmp9gNiYZZqCdmPjJAG0Xz7rXyMAHThEP1Vm98AdRTTddTNundJ/N2JzoWvq PLyuHPMKHlnRAqyLP1BMCf/gTPn2bcgMYGTdC02WNKlaD4v oSGrk4DjyM 0Dm9ea3gFE0z7bu1Y=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=Us/E9sWaM5iGTDR8Df1TfLB3yAilVCGoGOLIu7uKrd4=&c=pRfDr OM lcU4Tz8wSBEEwGjIoBoI4 7AXTFP7/CX5JPG/6yopNPhx WQsfB76zreF1lX0LBfhK6Ofzh /ZuZUT4TcwnY1y7jDIdHHoylUF2Jh1HvIUa21315AO f2Ec/uFE8ElwW48v8ZJZ1h3HtyKIrFZihNZckAR0I0jI2X8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.strem.io/download?platform=windows

http://www.stockdeliveryapplication.com/c?x=lGZGNMO/KtjhehTuCkIyFOC1HMqAo1Foi0MIJouO3E4=&c=/cQmPyCc1YaCSNR2Uh8J9lzwh5uP2l2/lh32tfu1KVktHPkbh5tAoL0shEdwBOPa50tJYqP731OJG8XkBhDTuIQV34D5aoVwJhc73nnYm3ZjoR/ewvQpAZA4ytlOU7KAfTRugoYeMh2PQV1riWpzUyQqpdAydMpJQNzYdnaBpW8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=Hrov1SlfmfvCrhxit6AKpNftI3wnKg5G70mvK8LagMg=&c=XwXjHDEeXIwSYCec0E5qS7XHjh96pZQr7IPI1mhCAXN2M9Jf kwgs7xnIzoS52DUiT1BxMt6agBJKWJqaVc9eIITx5NaLVTJ1QV1Y5cb45Yek77aT N11Jz0QrCUyzAkttjlVfapTmctdtg1qErf5E3Z cV2oOZr1fog hIBYW8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=LXiYZnG2Zh6uvw3aaTdvDJyDC77oioNe9PVcpjbUG/4=&c=ObaGwb/gP5JLEx9L5Xky58mP/Na7MQutalRmRuO09wLY1Q0hc1JyK4K8 Oy3U 89HsDamD20qgsfZCeqsATUXUY1I3t0/H435BDD3X9Mm7wwvKyhWHdPifCJaAgr39NQRKP8bFfny6Q V5nkeTq4k4TwA/rfCRAhmEn082dBshE=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=4UCDMqq3EWlMJzpk9hp7P7Q/61BEHjdO/VOqn6u7Xos=&c=cA2udnA97PL01ulb6SyP4fNOppBzrnBhJkrY2wjEdfjLPi1z0k812EG/ IdQQZRq84TGVtkGSLXjLENmgjVh77UmMUW57JNDbS19ECSHqFHmcw/pELJCCQP cZVZFxI1DqnxQz7AeOujPvL/eg4qrCIwAB2UbeW7REuaTXhmf9U=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=FGipFC3FJEiEW9ZFKUWZz89QGxTazvPH2Wxn9JmWbQE=&c=evKBr4hADdR/s8APxv 5O5E3KgXwJBbgvzrtqQSYxIl7/5IZ0lXrbKN6woZxfuUdfmyTDTecN/NwR51tliVEGqNsPcLO6pTYu2lveqIzs0sje/swZmcqqtX8vDRQObEEAww5z7x27wuGbJIaWTGiZhdWk4Z569NNRl6OVS0A7xM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=jlUGw4ALirju8cEUsGGCntToETKDWUFN0uXi3qsojVU=&c=2fzi98JX//Qhwe5WYgDpTAOm7lpU196f7CPlGK qcT k4LpA1k1FZL5v2tpRVRhuiLvcKoStGxlC1R0l pX9XL 4zmivAZCwJr1sP3mvktmSi6QpMU9uq1tpxK2/I9LGa raRtvda77WtCC5a4ChRv oP3nYoSQ/RrUWJjLsjpk=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=dHmrfzTrRhjZvus0GnPz0yscH7 cq6BELm01zPJY5C0=&c=Ba9vrVAWWqGrvnLXl8A6MtI6g2oit9Lm6Aee/kRSnw5W67wWNhTfa7eUJhfrvxJFJ0dN/OcpIXuwP6XVSz055HbHhJF uu7QDAyFWhYLWO3wkfvec7jOEoeUlhROBoBOhum mkB938CmXgei857WufcetoCLNQBAoUR SNoFQiI=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=vphn7WNmalXTBcb2XQN1aiw Y1dACaob6ASdd2rSgTA=&c=zQWwMU/SK2GdBOj6ZckEmEHha6TtohxnoHyMwsV vn70wI6kQghakB2A95prFEfNumiGPFw1jQNX22CY6Hwt/twl873TZq9ThzrjP4lqxKA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=X/iurXmqUlXKgf0 q6cWfIbYR0g12IA7as7JhXuCzo4=&c=sv7/JrFoB87jKxPuBlZvmfOve3zBg0y5AKxKzG6AOj5aPgWdPznfrMSxJPPBka96K4TuJTr p9oSGp3pNnw2MFXA9UVx5NfsnCTOX9bYvl8tRI /jLICLd1o0zvz1yG6eT3dhWWIoeseXJ2KDdXoQ6 kYR7m5s6Ii1Ow7Jr8Mmg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=HLTekvJGHzJypWujLiwx11S3jHeSoMricGYWuunBFQQ=&c=R5knRdgEFZmFHL3mtbz yVCCPQiC0oKmObDNwi/968jAzGnNNXt9iiCxxAG SVkTbzr2cfZvg345rH2oKjxlIYUMi5l7qd7UGWcCbe cKckKeQzCcTT68ajR4JXuhKoxTKxp8WmAcZeJgvMjNPPf9ngPjaq9Ed6NdjRd 1qITg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=3T2K47UDNHPFJ2buX5VEeVXRKsBLcpoapCz18AksxK4=&c=69zuN3jneBr4aPfT1S4po6NttME2wyEFI6Zo2mLL dwhr7H/imTFUdRrVnw/3dusbpcxiQ/arC1cHcQOwpadX8PT lobOSKDJzSNvgWmphs9Boxo30fkQUb1YYhYOOEFu7r2S uzqhMDfqFzK2YXXSu2cOoldWLLHHHp6mA70=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=CBcJcz8PaQQsHbcP6qeWDFaU3uOoZbs7uhsP 6o4W2E=&c=YjeE0U AiZcKItpAIkc2jR2kvxTPQbljqS8ByD1gAA5gGEtQWIG1/loayQwVpHbIL/G8fJeN0zqlBsMSDQa2m9LLiLZB ew3G4uRokixq6Gno6H/mg1LfNWgndbiOXrIo0l8 TJ9LKYD3iKY1eTiNr0RjcZyvOnIotpZZkUwG0A=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=HpWikh6bVh1QoFi/2JQIU4tCgqrGMFVcYMxKF/F yvQ=&c=U49iiiu8dZCsGpQo53MGXT/37yz4N8F9jFI6DrLyEmZEcBPVi/4ywZzeJcz9FOk9nlmRAwT4p U1P5lgQGxLVRhCGIpipMv44/bBOcU8ka Au5g8JaBzzp17lDPkcDS0A6fKGzLBnW0ZLUkRiD2DZOWvXguVENniH1Hi3WuBDuQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=U98g2q35DyqaDnCC2hAk46nAntUkVMJo9rYGwR4 zgk=&c=PYn KuMmTugdqN1ncPlyvXGSjK yUQPbVJs/xgvspKf14v4m9zaffHX l0L798DI6djcI5UZSSuoi8POWS4MMIj66rrnsZuC3sVBdW8dj40z9Pub1dUtw BJU/S5xUgJ9fYPuD4NGwmV awBZUPFxtTsW2iXh0eEN9BTB1QvcOA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=EBhiIf7epJTC3AYhbZ3ODo/Rp9hv1AuDEb/e7q55maI=&c=hxg7cMf4LO3HCI vMt3Avv0Qq4Zd0rfWCqXFS5kZMM6X8HGtzwzKjGVT9r9ut8sNomlGJ2xNdS2l9lYegI3iEr6kVo7xY2 935mouJmVllJX38vjP91jXjuYCCUsyzksxO7QjtbecmRnJINSBtDs8pyaPJZdC/mTXJSnTRehc18=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=EKSA0l bERWja4q3X3fTP4lLbXe4u8qQ4Vp2Ahadd/s=&c=62 IbAyRdHoZ9 IEZp4ONK72qKMqD zfdVlRWuOSAmbAPviqKPojeSQ3EGVjKVOIVNbtYl0Eo867kW38E7pEn1m6mQwc IARzL0Fmp7A2yfw2an9UZEiej5QTDzkA14n/9k6zEjq/iQAkNgZ/0cpGYlz8rVTRgbx3gzIKlLMc0o=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=HFYbzWY9TPk7jIy7PYOPUmkg5xjhbX6U5FYK6BQaadI=&c=X6RA46Uh1AHWj6MBWDdt6XHXrr4oQNAze3mbYDx/UNEkk c8GjQCPd3EFEEb4NC08010wEPq4rIl7mfAgwRc3c/m4zkCNXBhm09INxncFdM1pGhhkntfGElPdR5xoLb1nbERWvinhrPAGoRnt9nahERVoQLL8jCSmilfReKH2Sw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=SG5ly2187Sm0IhMoMbG9SvQlRR09BLcTamWFnw7WV/M=&c=fLwz1hVNvnCF0nG4YYGOduoOGwhiOib1JspyRFy79a0I6dVIQ/8HbXraBs3NZJLDvHj4WpIdG3zdmox GBjHeKl0ywuoUa4XrgPBa3EKA9y4v7uAIUPDzxXX9TJDJGGPA4h9s4B0dhR1XAAbM8Z4lGOEsZ5EZihKxK4AA0MAitY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=tWU/cG1kIjHFZw278ubPi0hUJO8gutDfDuCHYgIhJd8=&c=tzlopCF2GVE/As/DRA/X6dLfVnZHvCM5pDP MDS3TrLcqZOnJml5ZbBrBewQQKYwMRZw6rOc2fe2H/gRz N80pfNwEJGQr/vy Hzvqiu9PoOohmktu67ogb Wo9GyYwZISUlSeGQLDVnRYcpGqS9/QW9b69YOoHkt9AMHZpwC4g=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=ag1kd6ylsQj4WWDAE0i1DRPjSEzfaJx1cG9bIy/syLo=&c=iOh4bk74/GbS6Lgol0ZfJ9sB/f4rXmPyFm0bMmSU8PAgDwC12I3HnCUKGA5i1ctEYjGG0aAY3P1FI/YByzkgqQF4e24nbzcz7ngQLF8mHHiq2ItXuBw9ExHL NxT ago/L3qlIeIkrpQOZCPEb3U74MZP xxnrMd2MCTTenYmSg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=sHZYpnuqH/OuQJNcx/cs8EjAgtX17g2N13whrjR//ik=&c=Vnk6gfkKtE6wnaNJLbj xXJjZNl0XzgtNy/lT1ly vIDG VDYwYYbPlnTUbKaCN4FWj3n5o/jupa1xwzcyfav5RWRGlYSzb98Qo9Sxqsb0jwNSZDENj/60CJfoeY/MvWp1ld1fSDDe8fmZxVTWasYhK8lZG2S8A4fFrdphQ/0pM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=NGvfO97alBvPth3weBTAkMWIjxh1mpel0ndbYyDwmOk=&c=/3sN151s/YbyCrg7RiF1MI62zYagAnBf6ZAakOP0ekrEF/jqG7ebW6wkfY5s8ZcbCrJ1vPIMrzYCQb0PrxDhvzJbwgX1ncRtUPw/3Be4IEFajOcemkY8HctBXvrydvovMiHe7uFXJP7vNGFLm HFddADHwyU4O8XWFLgTeifH8g=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=tpCdfrGxKX3kTVDLn2VlyV7oSOH56f5f5htsarWSexc=&c=H6ld102zdimtudrcgf8FjjD1yvQLrVeazKEpxf4Z/WOCmr2a1vrQtnfD2t33MhFXXJEHxMl30 8aqr15EGfn BYuarf WHv 5hTpmT/N/hM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=x/PKttr S9uu1dX6k05p59C4VI 7JdZMMKljgAG0GFs=&c=2kfTNXXPGAcBd/z3pGL1h4Cl9/olabL98/xK1P0sjOuuph1HiBhJ 7 5X7tnfJusHNKNQE5l1t3FCArn9un4bX1/csOcnaigWZNtJ2ikGsv8nGJfXFJdXvSOY3BunZ/Pt9/1znC3QnUoC8Tnr9Z8qD30KZrjg4SpGGdACFO5kwA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=WyOwos1yY5oiedbjmVDN bduFj5gcD65ATUTUsoWskE=&c=9k/q3 Qg0fg2CROPLVeJqxPCT61PKiNnS0O89/z oclvJc uGBglqY9eVBTS86mDOkbuZTCfpgKUtp/dQ5GwBL6w6tXQ/5gPlA2kTHV9 TDxA/JI5snPB kxAHp0uPgXv3BnlRk0aK x52qTTvb7C3jGMqjQM SOSgSnq5r/0ls=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=Mw6x1LApbpLCGH2BOfShcHZyW7hrRhu3deJPfzPH Go=&c=6WHGE/ZwJEDHaknf2pGzzVuEsDFiaRp9m/TAw2kjxZeqMnLYXANf8Yf hSDENgG96cVGYiTVrHzjthpIskAsurOdkvxYIApxIiRrEvaCJsZz mCE5ik7wq7cWMKcud2IkuxCsWS3VUIlHd2W7a9Ufq/ru2y9XZ1TK5tHyZ5Rw/U=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

http://www.stockdeliveryapplication.com/c?x=17p58IyKpv B5KNVsu4Nxdaw1k9VLvlOIMN6hovmab0=&c=UZCk28JjuzH2vOOPVnnXVJed pAqLH0Ch6dIhleKXeo4uxN8pFxydUzGGBRWSsR/WmdDRmfI/7/7a EHVJu21AZOO3TXU2bHMiPQDul2rYKo8GlaF8jXYT1amEOrXETQIXARaR9cSzm8oa9HgtnMC7QZgU//k8nTJ6//MUXlv0M=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.2.exe

Latest 30 of 107 download URLs

Remove stremio_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.