hearsetup_101738.exe

Hear

4Front Technologies, Inc.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from s8286.chomikuj.pl and multiple other hosts.
Publisher:
Joesoft   (signed by 4Front Technologies, Inc.)

Product:
Hear

Description:
Hear Setup

MD5:
fd867c9b78a61bb3f67ddbe029ed697d

SHA-1:
ed90177cb75f8ec8e2375b45215d02695677e943

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 10:42:48 AM UTC

File size:
6.5 MB (6,784,008 bytes)

Copyright:
Copyright © 2011 Joesoft.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
7/13/2010 9:15:24 PM

Valid to:
7/13/2013 9:15:21 PM

Subject:
CN="4Front Technologies, Inc.", O="4Front Technologies, Inc.", C=US

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000129CCE72C36

File PE Metadata
Compilation timestamp:
3/17/2011 1:22:54 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:6pL+Gjs2AF/zUX3SmBx9XFcQjKw1qA/JzOGmL89L:6paest/oHJD917j11qARXmw1

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...

Entropy:
7.9854

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file hearsetup_101738.exe has been discovered within the following program.

360Amigo is a registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search-based advertising and results. During installation, the user is in some cases presented with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it

The file hearsetup_101738.exe has been seen being distributed by the following 9 URLs.

