» bitlord-online.exe
Overview
Analysis
File Details
Downloads (66)

bitlord-online.exe

House of Life

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application bitlord-online.exe by House of Life has been detected as adware by 2 anti-malware scanners. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.hostingcyclecapital.com and multiple other hosts.

File name:

bitlord-online.exe

Publisher:

House of Life (signed and verified)

MD5:

0ef0638f041ce6681b72103269115c96

SHA-1:

e4573201558b5370d707cafc4f381b0d13588f4b

Scanner detections:

2 / 68

Status:

Adware

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/23/2024 10:19:22 AM UTC (today)

Scan engine

Detection

Engine version

Qihoo 360 Security

HEUR/QVM42.1.Malware.Gen

1.0.0.1015

Reason Heuristics

PUP.installCore.HouseofLife (M)

15.8.20.18

File size:

431.1 KB (441,408 bytes)

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Nullsoft Install System)

Common path:

C:\Documents and Settings\{user}\My documents\egdownloads\bitlord-online.exe

Digital Signature

Signed by:

House of Life

Authority:

COMODO CA Limited

Valid from:

5/14/2015 1:00:00 AM

Valid to:

5/14/2017 12:59:59 AM

Subject:

CN=House of Life, OU=Property, O=House of Life, STREET=Oelnes, L=Sogndal, S=Outside United States, PostalCode=6856, C=NO

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

7D10B220FDFA59C2BD4E1AF300EBA218

File PE Metadata

Compilation timestamp:

5/11/2014 9:03:36 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:iDQkrZoosbIfXJ5JCXrlOCQnRuhNHLc9hImq0sqSoBISLau:iDpoesXrlOCQneluhfWqV

Entry address:

0x3217

Entry point:

81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 89, 5C, 24, 20, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 08, A3, 98, 37, 42, 00, E8, AD, 2D, 00, 00, A3, E4, 36, 42, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, A0, EC, 41, 00, FF, 15, 64, 71, 40, 00, 68, E4, 91, 40, 00, 68, E0, 2E, 42, 00, E8, 57, 2A, 00, 00, FF, 15, B0, 70, 40, 00, BD, 00, 90, 42, 00, 50, 55, E8, 45, 2A... 
[+]

Entropy:

5.8040

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

The file bitlord-online.exe has been seen being distributed by the following 50 URLs.

http://www.hostingcyclecapital.com/nxj48Y KJDp8UDrSSoOBUEfEja7n603dJaUTTQ6ZhvDw1ZQBjVQScf6GuaYI0L39fVr0PE7AKF5PZ7jUvWTZa_5o0x5HMd3RUSVxCPIz_5xAHM7SUNoROtG8EJ2kaTi89iA6CIsTei27XLSR_IV7kPmi54IXlprsxt9wkV3t416dkgE6As3tvUtOBZ8_HGi6YH9GsSr0eyfGdvd_hBSUETONj6LEftBzqw8RMmbfHO3oKtPhQv0aQp RjaB90NX2sSnaBU2PU2wboMagtLAH8jByLR9 Lw==-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD-e

http://indir.gezginler.net/i/18965/.../

http://www.lo4d.com/get-file/bitlord/.../

http://www.towerworldapp.com/mSA8X1UEzOkgu3XoUxRs_CEvTYDQxffI_dkRUT2Xb1nVKkIaoUnMwL8Fmd1yVbqZ881qXnRU9CobnAVMsLQJRXK5KVLdvGqb2397waFaIEhY4P5ffDqohRz1XCoBUG8xLyCC2PENbyw3Zpt123dhCEQC7PIZopx2HZUPwzUfKvjLPDsxbWCFku9qmGUbkt9CrcFGE520ZsbSUbPuP7qqq_J BKjm8nA522AmEtAx 5hgTJ7jKaGrHLUB2dUx10hpi8EZ0F3DWTcGThhQ60EwqOmA_UIXfQ==-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD-e

http://www.funcentralnew.com/KFjR_Q1BbC3yXWTwQZ_yBiMvo8Na45KZdNwrxcBq1bGjdCqa9wm8t9pOR1XAX7zAULhz1eYyhsV8RGQKXkYKjdmY_rkHGEBr1zgc5PMvbHW6dFh9GWSCeVsSNsKFA8UvyOf1SGGFGQRjXuyWcR2Da07ZEak1qMLuabvRYAysJOEO_HBIHZ2ZwNIuIdIqVZ0T1OwZ2qO8DF_AAi8DWotqSWOBUMTB1uQD_LAF4plvUWsRGRNzKCRYa1UCF01ut0sr1_ifrCU3oFZqwkiQizuaOlyJHD1kJ1crL0q fzHanLTR1sDVttxVprZAzUhm4GDAR5oLZ4BCREOVWDJ9ONQbN33V4uQYkLEbpDgX20d4mSsursYP7XCcZ3EUephhp61Yf Y 4qmL7Xs9 bzgYl8xXoScd6pq6dP DzEZI_uSM_iQrIP0emCiAYxlIENYxN20ubdpETqW-GxQAAKRdxtretCCEFCKK5DqwG4Nvu_EA-e

http://www.lo4d.com/get-file/bitlord/.../

http://www.quickappcapital.com/c?x=ycEUItuIr8mG3msVTMu0B/YLRT/5he/305f5LDIfBqg=&c=77UwzLPayV/IZwTPstQZhuOWxxm5GCwdhNcBNYtxPF79Q/ma1gX5LzW9wgRzXNNFdC/pGZGUwLqDz xq30k vavnJI2jVgJmpFgG4zN00es7CWkdR0ucEd5y9hnErctb&downloadAs=TomsInstaller.exe&fallback_url=http://www.bitlord.com/.../BitLord-Installer.exe

https://dl3.vessoft.com/files2/b/bitlord_windows/2.4.4.312/.../BitLord-Installer.exe

http://www.lo4d.com/get-file/bitlord/.../

http://www.conceptscyclechuckle.com/_3K9G3wTQzTrMp1 zZ0lxi 5TIbBzKjna5izrr6ypV_RmMnW8eEle0B8XcU763YMm7gBUwR4sKG1aDLWcdCPqEUYxObOGZQDC8hpufb8RJzJPpWtIJknzUkW5Jj Id9dzA2PEhoT0zY SHIFfJi0asYupT2zAyt9YKkB_JyBE9N7nDGRlo_kBWTzGVJNdXRUf4BG0CU6I1eBuDd7gzrc2R XrVX_1PIxixy L1lTskBrnbzyjXMxAFeGpPLTuI5eyfuo 0iT-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD-e

http://www.lo4d.com/get-file/bitlord/.../

http://www.besttowerbest.com/RcoSq1EK4Y3grFIK8BB_DyPW KTJRnwdhhzCIdEpsRTvXyfnQ3eywNecGg2mnFf2yOQ_ekxemkKkXWV8gdnPeBjXLFp3GhKrc59XrnKjwGcItvFl6m2kG3p0qCLPwnxcFUdzU6N3CF29hGvcyPKAk6U0TMbcfsIV53RYM410rJgBC1FbUHgXT7aobxakcdqwYHXQa1Aq-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD

http://www.bitsstockfiles.com/c?x=B/YtcAwqLEmAsxz7B6Hwuy4t2YBzE47KQsL0YRb7K4U=&c=qWOaKVX286334RsWZmul6C0Ioad03mb8T7Tx0BwsovITr 0vDV8kKDFq0UzLWeKm//jLl50r3mGuoMD6RFakHPYopQiD InB50wIwaHGeXwV1mjkoC4R/bj5EVMsJngvipyyE7EPjnHVv9E pQJlu sKPIq5JMkzTC5mDnGs2Ns=&e=0&downloadAs=BitlordSetup.exe&fallback_url=http://www.bitlord.com/.../BitLordSetup.exe

http://indir.gezginler.net/i/18965/.../

http://www.lo4d.com/get-file/bitlord/.../

http://www.packagesendtower.com/Tu3u7GYlxlJJQ18pWa75_smztGAnFbqc3ogPP8yF4T4mf5NBxTmhWYYZ47mGE9e2pxybR138NYJryFc8gvl0bX3K57GU8AEAHyi2ocVdisWi7zgIzex5ZAeCjZSK5GtG4rrWwaTun4mvvFBlb3MAAEMCIZVe 8aGsc6sUxtRLxwif3CJd_MF5e4yI7Uax11uHpHqkno 6KKQoDc3ppIGtYnArTH_7yFq75ssP0fRmZRU_F7zmIZ73zGUSqmKOhm_mJO1ssTvwqTkFL oJIAZIy3Eq2mTrg==-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD-e

http://www.lo4d.com/get-file/bitlord/.../

http://www.heartchuckleapplication.com/_05sKOidPp_NIVgQWC1PF4MkqShEfkMO04E sx TG2lnoGCGuxRWYY7uep1tJAS2Kpv 8mTyw3p6vGYhbKC56eX5zwg1BdRXPFaZ2sF1CbA42z23O2MW4J8TwFzVSdDhmvai4dHlH_UlaD4Os1TzuXqSmvlSTsHLHG4klXr8YMCLb3yJeEgH4c4nfhpG36mWdf7r0o Q-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD

http://zalacznik.wp.pl/0/.../BitLord-Installer.exe

http://dl3.vessoft.com/files2/b/bitlord_windows/2.4.4.312/.../BitLord-Installer.exe

http://www.downloadsclearhosting.com/rjpEvwtd XnA4XwMSErm54WChqQDnE20qz50XdKzFVkMW eEvT5nufquKeBUinE5jeYdNpUthDVNue6qfyFlPtCerK3 p7uyInuigvsbf9EoTUz0aq5Jzu6NaKJdm_yTehuMCTVCjwiKOUYRc94ssaNMELYrccKMbBBCrgAy hiLcvAjb3scjpGd6fiyCNxwtTs3WtPQ-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD

http://cdn.bitlordservdownload.com/zPxd1UYfJI85VGTsKmUed2Xs4KPdigIt1xXKbST_UoPnWioPfGNTJ8SHZaGyGXuquVVDV6RKiuVbWPtuz WXz5j4Lcey_H81NUcpez4iXclg9HIlRDLb0NBi9xeLXdmsDkdabtew 6yjx16vll7EPq2E_QNgNI83dTq3DPoYkqUTXchJySlF0ekWJFu04oniQ5W0IERc-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD

http://www.cleanchucklemeta.com/c?x=QiSXy97A9/aKmh1SIqM76i5ZXdKR5UBrunBrN10t6eo=&c=B0cTAuDD4 zsAXMZ5cq7wq4m4WMImd8xL Eo exF6bcqOSbysYSO8z/FsQyMEs82Zf72JsHPEECX Gtxvx4k3028mqAGfz5eRFtQ/dwyee49JYPm/DUWy0vc60CJOJFygZHMziH1SO7 OB2Mg9GcB0oKYzSkSF07ZElUMMVK/2I=&e=0&downloadAs=BitlordSetup.exe&fallback_url=http://www.bitlord.com/.../BitLordSetup.exe

http://www.cleanchucklemeta.com/c?x=5HEjVHh1AgjN9SEH2L8bQHYRfdJdlxRmopn4jmeOLpo=&c=ABdX6/spc5b/2G1lG4vAhpHFBtw0VOxqujYdw2KVAD72MJDcjqFypq1qgOHfLFrNirfc3Nf5jO ZkJmN26ny7kMbZRjmVmRHkhF/GLKTlmi7Gg/AXbLgzmpJ0D17HtIn9R5KhIlKpUrjwDEXPyN3aEDQ5K3ANItd8ssB 5kAl2hqT3jTajEu9r6SWIAXB1HP&e=0&downloadAs=BitlordSetup.exe&fallback_url=http://www.bitlord.com/.../BitLordSetup.exe

http://dl3.vessoft.com/files2/b/bitlord_windows/2.4.4.311/.../BitLord-Installer.exe

http://www.packagesendtower.com/UvNFhKLj2neyufa2bcuvXltgHdy3NY64fIWp4 P2jt9A5Y8dd4MXxOJxd og21mM2aC82U2VDbSqYgZ33DhA7OSQo5aB_lDIdWJVMtSYUiaK4GEtSlYjk4iGmxCgMcksyR8rquPViV_wznwAbp1mSvA8qEJPXSfe 1zscVFQQvqz7_r9 zi4uHPgoUGu8K4uTt uNBKqIeD_cwVagahdxsG0yIJ4fPXGWH8LGoqfKVrM3wBeoofAGRYkEpLmOrgfIB7lFY85eDZr3xnvIf61Aek6yXzglg==-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD-e

http://www.lo4d.com/get-file/bitlord/.../

http://www.universebytepackage.com/c4yt LYyaW1OHxP__AmyVU_YxDDcx1ueY04r8UBuZ_nBMKiI46Eh9ZgR1r1IQZNuAWW2V9_9yrxPQd3zoufRWuh58FWVenI0z hxY1xf 8_TbvlwVKh 6VjZEaigwfXsznpjFAivP4mzVrFTicluPFV2OAHjeKjJbFZ5OFYBi6c5HFPtZ1mSAkULgJbLduFnjFM_ hgW-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD

http://www.packagesendtower.com/1 zrUL_sNBnZJ9kaS_RBrXoRUvHU8D9aHEyLcp12wupAO9ZtgUOAJjnEo644rmo8D29ixyrPlWb5k7lMSu1uJFJ_Eu7aC8pS9iFYXvl_weKq5mgz6jksFx5wmGvhg2Vu2FJvz0n_v1IbRkQs92TuTHyPczLqCppPSwF46DTq_caLNq3hy Mf Zn8Ssb2QmgOTfgHXlHQ-CxeAaHR0cDovL3d3dy5iaXRsb3JkLmNvbS93aW5kb3dzL0JpdExvcmRTZXR1cC5leGUD

http://www.lo4d.com/get-file/bitlord/.../

Latest 30 of 66 download URLs

Remove bitlord-online.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.