home

stremio_setup.exe

Peh

SpeedyConnector (New Media Holdings Ltd)

The application stremio_setup.exe, “Peh Setup ” by SpeedyConnector (New Media Holdings) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.conceptsnewvaults.com and multiple other hosts.
Publisher:
SpeedyConnector (New Media Holdings Ltd)  (signed and verified)

Product:
Peh

Description:
Peh Setup

MD5:
d1c2c76c8064c4aa6d9c0b6f69c797eb

SHA-1:
be7fcd95fe9212e1656efdf24b110c7f30a48a54

SHA-256:
229b20a83f76ed00e0c6026ce604ab88dd64576e7c636fcb36cbf5e7a6035898

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/15/2024 4:55:39 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.NewMedia.NMH.Bundler (M)
16.6.10.0

File size:
1.1 MB (1,143,472 bytes)

Product version:
1.5.2

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Common path:
C:\users\{user}\downloads\stremio_setup.exe

Digital Signature
Signed by:
SpeedyConnector (New Media Holdings Ltd)

Authority:
GlobalSign nv-sa

Valid from:
3/8/2016 3:48:06 PM

Valid to:
7/2/2017 5:25:43 PM

Subject:
CN=SpeedyConnector (New Media Holdings Ltd), O=SpeedyConnector (New Media Holdings Ltd), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121FD2D6EA2DEFFFFC3698923DA733CCD42

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:PZiMppk6QUe0jGNAB33PS47V92wh6uwssw/duaistDU5A:PYQpk6QlzNQ3Lp9LIKsrsH

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file stremio_setup.exe has been seen being distributed by the following 50 URLs.

http://www.conceptsnewvaults.com/c?x=2GqpXJz/sZXe7ljmv0P15HCVYa7MakaHLvQpuUjsK1A=&c=MVt4 GSHRoOX7OEVJ1LZBbGuierKKU1kqLe4xCE0eOshSI3PqrNtPDY35/ bdAbCQX8FRD1GxIQvrihnBZz9C8H3Wn873BUM5ub4G9WtH sBJ2p5Muv3eEbEL3JyLt3KGn1rkWjdTnHj2QElsI0Di8WfGB6UZ8nkvjhZxtbNI2s=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=/NEUVMXZbrOBEjMa7vSz8e2LU6jr/76TV1lecQcziE4=&c=tFOz3ZQJNiCmps4g4Z37ZFhZrq8qmBl261W 6/2AfGhc1PJCY/WMcMun MJGhj9auyp4SYh3XFad5v10A9b4dTXKv7OIf8cmhOtfKPGEBKmkE0nXeeE6KL3s5HuY06dfcySVbpoEzefKSFoL/gVRGMwun019bqKEwYtogDHhqCc=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=B/ u3uDdJjkTg5fBuGw/R5mvIlj84V7s8fMrtnUotrM=&c=KHsiuOqHtOm5ziNsQ7Os ftq5TtV 3T MlmBCZH7z0xTKpSEGlRBvDGkiTP9/IbBnBmKAEYjRkZx87ZHhK9pnsjlUO9QCqlme2xKC2Ms/Py2lxoKf9jIE4dvaoH/d9IfQYBbDyij5IxVd8 AGZxCYnL6cKwixatBbvZ V3KcdNc=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=tjUt8pC9whQawfw9VWmYQxObL/mmvNSH1a7SUZVVO2I=&c=UA0N5ypGuYirh1SrHdu0Dvs2w8HcsmkZ6l97zI4FGafPGzxvYO7JAPd/3WJK77dcUy2bOSverk8HJRwdsQZAA6FCTbnJJW7w vaBdZGCWtERy6JqSZ4R6tYlAQhvLdseKNbN1TP/cZoSTXa9CQHnvpwdtf51sA9AeZX/FXcaJ6Q=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=CqKCDB8vVuJtoEmb7miQ1TDJ3MXVs1w4XV869ke2Pk0=&c=SEMrhT3PAhV7l5YEK2pCiBN5doxV0r4 5shLtODTuHckxgE/orAP/khGQGSzxP7KmzQZ5Ukmvrg7JB2LxEpeWRSl504fE5nTLrYNO3D/U3mkXaWhJq8cM5K4Hqpw9iO/3Y4v09uwiDQo4 yQ5QwrDmZWYTSHXfysvNeRARa7QIw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=2fzy3r11NFQsI7pXjqLU QOuy4YHHqn3frF6WTdSg8w=&c=h7ISfyrZ1MKSnSKtMaksvdkWKUchVETrsq146GSCZ0c4aylc17M8TuxCUqdVT8Yhj1OLhoHCHolUribwNpOkaM3GPdBXaPc4vOwJa1C 2G65irlq8Z xrJU7WjBFsUAhPtMUdbSkth1nfhmmZllZoPGOOECPS0Qw7UCFj4SQhFQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=9nP1RfyheU189yJW2f8u734Rq2ITSJuXrN8vpSU/9Ck=&c=VTeS2TDLDeVGPoZTQwQmaU316QaQAMlB2avETZgKb6ZHeFOPypN4khNAkr4EzDRDsrUSjLuCkOvbZIS fQOwshcPLlG8w9PTTVA5Bd5ihBAMjl3dLDFnll2QXQPModn513HLeBegXjYN7rXmarch6Nj/Eik8Xt5u0HLcC/aGEhY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://strem.io/download?sid=eyJsaWQiOiJFWE1EIiwibm93IjoxNDY1NzI3NjM2fQ==

http://www.conceptsnewvaults.com/c?x=HagfP6YY8qzNUqa5eZ0Xcv3WL/Ias26Nw4GIpw3cc8c=&c=jrXLkBUR8non4KF9rVJdqfFXVFEOwiTiUGkSALMQK2anorC c5tLgOkqjSjtdfJnig vKk3Dzjje9IK880nCzoh3ehXtTXFNrObKHfwE2HU0nqxzwzknPa3ZWeoiacxL d4uUMCPNZ0AsKZ5kLTQugSKlQFTOeyilNwVg2QmReg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=Q0g8bGR PmLaxwbSSPId7zzopb 86KS2YTIgG9v0B A=&c=wdn4EGbalO3dprEh vgDRwMQWLjFRJKTGyV4ohVaMDyljN2fYjlHT/zrCrA6sAzZK8PR8Iu0hYVLnFIbGohFdGHUbly/KAX7fRT22hkcLBfX3D0P4YKF7238m1Qix4a21uHLe5m C4aVsM25Pj2wgDhBuGUnC5LkN 0U3/iWjZ8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=OAdc4eUI5OuPmnUeiuN0sYHmRb2zOYxE4HQtNCaSwvg=&c=qjt7ecAxh AmMbCeETLknCuNqIL15KjzhPXNPzNLtPomN/WQ2A9dDoViXU8P3rYTyaTZ610oOqk6UhqjIUbUDDvnhK1z5zqAYX4k 4oORhFGVAGzlFau0ThMydJXaqNPK1MovS2K2hSgynVW6Wy9AgLf0JUoyfFumg00xsSgSvs=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=EUmojH1T2OE/xljn4gFKoZe4hIP/ uk9jpzLIz9A7sU=&c=2vKlm3mkjZBkyLm8WAABkMIP4wUFFuNDTdbadKXBVaER7KsjRtAZkL6YG4twiBrSu2pCZLzaW5N2j p/DQymFLs1OpACR34A4iv8Be/n2jaBWagntqtu9KeQS6dsSNq7NFgy53lT0h/dzI//JT6GvH36QPRkviZ Gkfq Bu8ies=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=SVd0 WD 0oV0IUb57Taj07uy1fZvQ/egxItYsCutJ8k=&c=iXRkn3dCzdPh8BQ9YFoRhZIXnIapEYlLLFpOAsMHCEweN86ikxUiR6vtKqYb0teiDucFiXk82fRfwA09e3zkSG7mE6bQU6g9VNUODsJI4i4=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=u8OB1fbSXQR96eru8EgoPSU52X13GiAabYC0DSxKRuY=&c=5Jdtn6VLK32ZmJbTzZp2tzbOcgzHZD4nTVyfeoziJ89Wd7uM07fKxSUGiijMhpc8rBEjzW3KOZdZl04uu2JMI/fzY7xqskgfYc5p8NGXwhlWsuvE QAKlkzgYERdRlIjtik/0N3WGLtLZJws8QBpmlKRHCr4i3XbYhw5HL/tjuA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.strem.io/download?platform=windows

http://www.conceptsnewvaults.com/c?x=pf 6KLzn1w/ZMA9tSk34Wmad 3o UiulDjCGHiUhiTw=&c=85EDaEm3uD/KHeNGsNlsDKf98OYnysKfq0Sjg9MmJsE0IXnMO4F8hCAcODZGg/oS5aGdnxV48RyGEocx55oJRcEteTV1jhsZCzjHgLlRw1tU2bGKLtqOjFz7pJlapt1Ji3/w7vcHYK57VQDispw/WX5JBAcNlk1Fk0Rq9BMJNlA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=kwWAuIEraDXNdZ7H33X/0TjgC9Z3F7rz6maMTEM7BGE=&c=fK7noLHt44lKYRmxTVbGeaj9hqcSH01kXm2qq3NeQJ18R1XugVqgIrQESofUWyNPvDiiqOsea1YfDnDfMCx8V2X E5XRkZNtVj7uVDDIMOQ3C/oHnSPp8J9Fs7vrXU79hpGE8yrNTNaQF7BuyvzQz60Pq1y/jOKL4pdqYyjH8UE=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=oGjDgBO07okNf35DnU83q9fX493DZn5 qNHE0miRnf8=&c=Ke53n5IHe5XKhFAZAfMrVe8ynqZwR5Ql3nWde/XnVk54ER2VvfaIr7e2tVoEU6xnjMzaDkA2uYIj6PEMNUCtsOUVSnktu/7yXdSP9w6BDPbpUvrYLUSOnVpt/RG1zR38O6eYXWfSUNpKQEKFk4vv67Wz /9ZlEQCoMuorVJY3Kk=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=fbiyv7QZrw75y8XOFHnWVEKZrayoAx3NKHFPJZCahvg=&c=z9Rjo Dct ptVKpOzQLiNxaWvjzBr7WDIsX2eirqOETZmfxVbYofzliZA8kYO9hi9VrY4redCSnr pxNFNPZfBIduN1R8lAM5cPnQCMsRKTySnUiiJMpSrAhC3YJCrtQmiCWK/OhXyXLvSEdiwTO2eYoFPvCWxHcXi7BtOgHmxQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=0NhNtJi5Kx2/1IrzrbIE8/9MjFUJ5rTef56vvij16CM=&c=q26H67aCX9Ku7jeyHY9Nqr3btg/aToM1E3fst4V38rd1qu8U/VG/fFog5SFs/0CRw nDGqj2t6AjDaY2Y5SRxwxIu2kPuYXBIosYPfEUMhbZoBBbaPKzQSSz4aSd9Ka3kFmld7LwJb11bPsLwQZYQUxLHeWuVYozC0N 7LyjWzk=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=GMHlvEVpM3rGkrpe3e6cKOlR9PnAkFHt5SXORCMSUd4=&c=XHcdB9FdnAY38hJAWoFwbp5apk/ol7aJf BVK3Dn AAYUAGLT4eNo0ZqO8RYJMeUMU9BqF3hK6wES24O2SOroorVc9XVp/fYuJwsLRBNKdT85aNIwfqPckjxWMPr1NWEe1TNad6QkpRG u4CcwfwNiW8PLqyq2m8c/3lpWKYcM=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=XhDR042sWLY7FHsGaz 0W6pP5OaiFGwX54tH RN1J/E=&c=hON0Peiez80 aDCaezkmNPfRvhak7jVj0VEs9LfB6iAInWcKI5LH4GykQzi8K37GxJ4muhyVqr7GqcbnYgFRA9LIGhocqIRs1k/rCB7V 9DkuNBkOZlZxkNdwaImCuIHUMM6uJZ/vh/ZDBgmNRd136rCbjO5S2sVyC8bVCwnk18=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=b0jvMb5jxswDphiC3JXoo0yHryG8qJiReeoAsjYj8Jc=&c=3rCENcpgdWBW6g4axRcPszYdzA6cWeR/HYHjn0J14jv2QJkErUaf4 d2GmBFyGkKGgipXHRFgYHGeEDHcaOBE1JJEU77W0Jf4Yj jjaS3HolpkicW yLxZH1fA3y9HG4aNSugUdz9si96kW/9TT5z6 4jIcNy1Qu6BXUEjnQuG4=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=bf76dSipxzBjS9K08EWw6dalaNvDdWQ9pPudCgwauBA=&c=UcWsJfYFy2W0cOrxbU617e3WjQFjQq5IshaoPq/0hvy CNXldE/Ul2QYSsJcNqQli8rZmTDEWptygpDWg78jxyDZkZFcl6yyBY22lzA1p0Bwf12quA9IMKvepafqT8fwUxZPFVN2OzClLL3 hcPnUErkApWlzXeUJEb9xxFIAMg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=8ODlOwBmh/HqG/7UeFww7WZBDw9tyuED6SXL3Z/2bx4=&c=91XHyJhiypYwEN62BoW31zMrw7JU7ZAExcVMUhJ1BzdiXQNoxaClXPuqwQvoSABXbvm8zzdyGwQ036OasSWmm5L14xOYRoxKpU0ruOrw20/SdQM22DkXnXyfpmjx4yu74haLG4npb4Vi8GGz3BMWW5jQEof69Q8HqcjGmuQwwaw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=Z9BDT7dm94B375EecVJlevvj81evxBAFAYWpFr /53M=&c=5nTMpbJ/J1dxuWerYvsyQEaueSMiTy99Vws8chKYs/JwFMWZtWjPL1rD18RWnnvJO97u8o3SIMbrPa7ctLiHv t7f8Mi0sctdQf4DQXUaeMgmsMKkQLGA8dH6V9YVbBlJa1dwMmXK1cRZNOh7LfgL3chUbwiG 946HBqfWzFUvg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=J63bkepwEiRkNweKizUWbDq22bV3mIemZeNm1AXKyac=&c=B8xxgPo2 ERNkxYNbOE0FltgNistbtOoAYmvod7q3yikNgalPYTkh9rzc9tTDX s0dOv7zQjjvwLEIBUg235LA8eHTxQD2/amMDptXJBAAh5oiU0Uw4Lag77HpfipsrHaW9Qursg1H3w8yHWdKrBmgr1W8m T4KN0szJpyTNyQY=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=N36iDb16tD3O9l6KI5 JOlLVSNvl0WwNY559r1QE6J4=&c=k/SePdIY9FwdOz1GsXa5ia4vH/uHEd/OXoHzg9u8DIhI0bx8tQANeyMBI93yC0cX2YLu4l1kUS802KNgaHYb0G/FHe4vjMNGMVtDMT9ZAhg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=Xb4qWtkgSx8E6vkKnW2n7oRSk66EkyTmecjrtqii2O4=&c=vEfFIWcGO2YOmWhQcln8gKD1uo2RuIYJSFkMQ0mtc8g7 X1HO7yzrDv3bhnUcrHVwJrFupQwvq3mgUzwMFxoDt3t69 S/2K8UGcn/7wPsnwBboE5ZsGAQ9uRRW1DJGno76n 521P7b4yx4Nv3V k1NU4t4dgL8M8W3FMjN6Fjtg=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

http://www.conceptsnewvaults.com/c?x=pqhwoRvHvDObSJ5u0 wGToGQplebirYRYE5tUSAmsxg=&c=Vmo9gmPXPEKSwqWbwgF2uVH7PNQx6YZmStmgJMGj8TeAYttUq6mF0Iz4A5r8TJCJgDYLZvcrct12zBS nIkQL3uP6DrZKT65Qh9u6ubQsAg52hPZJghu4zYeeVJFKqCtm GMlgoSAoke/ClXJhiKdhxk1ua8ZcH5iEHbd 0EVqw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.6.1.exe

Latest 30 of 91 download URLs

Remove stremio_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.