darkwave-studio-5.5.6-setup.exe

Setup Alpha ((New Media Holdings Ltd)

The application darkwave-studio-5.5.6-setup.exe by Setup Alpha ((New Media Holdings) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

Publisher:
Setup Alpha ((New Media Holdings Ltd)  (signed and verified)

MD5:
55e6d6d4648eb786f8ca0cd6d6aca1d1

SHA-1:
ce0d774f7276de7a13298897ae3f2d0367e21f15

SHA-256:
139eb77f84f0d89196f3580bb4f0ed033886186f4fd170389fba58ede7a05c28

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This is also known as bundleware, or downloadware, which is a downloader designed to simply deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/30/2024 11:57:26 AM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.NewMedia.NMH (M)

Engine version:
16.9.1.14

File size:
2.9 MB (3,016,064 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Nullsoft Install System)

Common path:
C:\users\{user}\downloads\darkwave-studio-5.5.6-setup.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/14/2016 10:00:32 AM

Valid to:
6/25/2017 4:42:13 AM

Subject:
CN=Setup Alpha ((New Media Holdings Ltd), O=Setup Alpha ((New Media Holdings Ltd), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121BA855EED3CFF403D39EDCDA9844389DA

File PE Metadata
Compilation timestamp:
4/1/2016 8:20:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:qJg2FuBpWdfPuXqcqhVmU3gBIsA19YfgB6hw1Un3IyHU1hGtS2MxuJI9BiIHzXJA:qJgdvQiq5ZsAYkuwCnYOU1stSh4YtHlA

Entry address:
0x326F

Entry point:
81, EC, 84, 01, 00, 00, 53, 55, 56, 57, 33, DB, 68, 01, 80, 00, 00, 89, 5C, 24, 20, C7, 44, 24, 14, 30, 91, 40, 00, 89, 5C, 24, 1C, C6, 44, 24, 18, 20, FF, 15, B4, 70, 40, 00, FF, 15, B0, 70, 40, 00, 66, 3D, 06, 00, 74, 11, 53, E8, 07, 2E, 00, 00, 3B, C3, 74, 07, 68, 00, 0C, 00, 00, FF, D0, BE, 80, 72, 40, 00, 56, E8, 83, 2D, 00, 00, 56, FF, 15, AC, 70, 40, 00, 8D, 74, 06, 01, 38, 1E, 75, EB, 6A, 0D, E8, DB, 2D, 00, 00, 6A, 0B, E8, D4, 2D, 00, 00, A3, A4, 27, 7A, 00, FF, 15, 38, 70, 40, 00, 53, FF, 15, 6C...
 

Entropy:
7.9563

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file darkwave-studio-5.5.6-setup.exe has been seen being distributed by the following 19 URLs.
