» movier_setup_manager.exe
Overview
Analysis
File Details
Downloads (124)
Network (3)

movier_setup_manager.exe

Internet Prog

Web

The application movier_setup_manager.exe, “Internet Prog Setup ” has been detected as a potentially unwanted program by 5 anti-malware scanners. The program is a setup application that uses the Inno Setup installer, however the file is not signed with an authenticode signature from a trusted source. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.sendcurrentapp.com and multiple other hosts. While running, it connects to the Internet address 166.ip-164-132-99.eu on port 80 using the HTTP protocol.

File name:

Publisher:

Web

Product:

Internet Prog

Description:

Internet Prog Setup

MD5:

5b8f479dcd3ad487db14d7cc781c7ab6

SHA-1:

81c484f3757c134785a6c92e90ec9ae7baac05b8

SHA-256:

749f3c5354bae71f96040ea830da9cd1ee7f18e2957c967c19ab91e8144d383e

Scanner detections:

5 / 68

Status:

Potentially unwanted

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:

4/20/2024 12:01:54 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/InstallCore.ACZ potentially unwanted (variant)

9.12353

Fortinet FortiGate

Riskware/InstallCore

10/4/2015

Kaspersky

UDS:DangerousObject.Multi.Generic

14.0.0.1326

McAfee

Artemis!5B8F479DCD3A

5600.6622

Reason Heuristics

PUP.Installer.Bundler.Installer.Meta (M)

15.10.4.19

File size:

915.6 KB (937,612 bytes)

Product version:

5.5.6

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:eCuUQNrbYlGblc6shBWnhrmejT083sIgyvYKCA:eflRLcHBSlf3D

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file movier_setup_manager.exe has been seen being distributed by the following 50 URLs.

http://www.sendcurrentapp.com/c?x=Kpj4Cs3TkigFSx5pZm5lMQtVAT7ZN4jSRyn4zd0Nbmo=&c=Nte4UEYHqoj0qIRrQy0f3BcViGpy4UDNoR12/zv XOWiye8emQYv81yYJQqngEdqqAT1f5ftt4FUgHXAiEfm5B5FnSw7OkEP/GivJL2Lf2Xh3z2e2Abmwdhfq2CNmp8X&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=wwxkREb1VyqxwOqFFOC2XBDPQL8L4ow8 QvtkHYUd8k=&c=oT/WMzG8BDj1f2RCl9p7k8zD39s7 dnATFWJd3o1qhcmw q8M/zRwKeoY986YHciF78Y20QmxI 5uvTH8L31UuCEkNLA3elLpdz4rP8lyVrCopqbL2Ms92QiDITPwB 9&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=AsviNtplTs0NNv1h5XUrtx46OjoczqIOn3LbUBObp8Q=&c=PPz824Q6tc54b6qgw7WyX1HmKNZcqDJcn565F5BFdhwxIAOgB6brqttB7KSm4m0yZ4yPk453l1PXmAPsbsTJk6pvAcH/0iDRZsTdkszbpdnSR3Vk/PVagEGvcNhSmoGN&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.tourpresentnow.com/c?x=9MNjLsDcZHk25Sql3CQjUFSNdO74dnlSyHzpy7OIjKE=&c=BuK4vQs9EsPTSXwoTKId5MGlRjUBI6TIOxwnHwHjKoap/a whDc7/yGf2Roq/rQyyFs7Aco8UIUU3zB9CCvM5jPc0LvTf/6fcCwWgFuMBkdAlRCBiS2YU4dmvSOKsXh7H88gMuJY8Njr3NcI9OtX5g==&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=k8uIbT6TMq/gSZTdNmd7hev1njsODjKD0 wZyw1bOAA=&c=BAkXvvS9SBah Efe3W/0sXTvmpPXBvFAq6ZuheVtbeOMrAdBfh5adoVl6kytqLWNMbU8BckxmHJY/Bc63dvvpy3gQ/otw48JHqxuLuRaYU/ytDaH4B2ByMQuL tGJEyk&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=OcX3GA 21Mv7JkhYxxh7rJZSzaY CDBjZEmR5VGBsQo=&c=IuubfUgSt2QpTg5ZKYcHpQI8Les4jR132DGm5q9JG3CRAo7GeSqYltN2sw /Yi qOSx4205aQmcUfmfUvryr58VP w0a2adEk1jQi 1qmEAaHiNpg24N0y9G/4ca5/VC&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=Gt4L1quWW W7R1Umj49qICDRg5J3NvunSKuyEUywfXA=&c=bN8RKZFFSnnFLLtyEj62mXQjD601Vq8lbvbIakDTjqd0so8CrmDcZzGvGZMxIBP/ cYiUpvYBCCohTto3dbV01K7HiZvQb Lzrkem6MZ8sNlIoyDBCx6dMWW6vOMzFvF&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=tJIGjNzJ5JzjA6HOsxg0N7G7NbkDGLTGpOrV7UGmkZ4=&c=8X5SZnCiA2ghTo5efKH4XjmZ0lgrKObhS2Odd7dUVLhbFYeZZ3G1MKak4PH1pZCDu6wDS2NU22678eIfntFk7RakZAbmXyLE19nEwtv1sXNGsDVws5pre9Wqi TMjJFw&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=1sfGbe0FZFDg9QkZ9I7GdqdVSwQYXuEtjSOGvvZhhXY=&c=AblbYMbTnC7DU4bG5t8ACGQd9/zIxVPpCfVvTEWxSReeP6tSOlukJESNiCwiLBsj8MdOhKwbNh/Tr3ZO6yy3TSedu68mvImGTEQY4pMhRFtPEDgrGPCboKJG2FYC oa4&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=PKBJE6Za3nkbutTBn/Sdrny5PCjtUfUipn4Z2BT8c 8=&c=A4nJwsZrHC5THFeR78NmIo7bMuquChvUi2f5rmcw/ni AlUWiqgnohAKsgPvoJAPmfhoObIhpiKTwgElLigD2mF/Xo5rHIsJoxhO1mx/2alnR/tgbJBLZF19y1hix9MI&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=slhG7KsraXcjpIIQc486u R8VkNS2yDJAIl9NPIPX0s=&c=tlZoori6llDYychuzl7wKC XPDrCtcz9sE3AauaaY2JHWa2O5 JYY3Br1XpzqgMtQPamZvOlo AeoZYYRXtSQlsqvP18vSQ5sWvvAxuSKz0NcMKUHPMqqWk45ET8WRkD&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=35SA2lPIx8Cg4UFJZJnkmxLO097xe6zX1RYkl3C ciE=&c=49LnjVaSsI8FftJ gze6iQhsdMy88ycl723CG6ha8JiCWPNdymicycTlpNGqsk1uWnmJR2LFue30 XicMxSS5XvLtEkUklYm7BdHhBGTnqu86B86LYZS2CXuXLucWME2&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=9ofqBdb0810B /32Pk8zTKDnr7/BMXAaNcQrbZJ4fc8=&c=/gBU9cLTIbok5h4s8huDdMNwPj8ykaFF3og5vF9A7ouFNfHMc WFOmze7eIt1YsrATgLwPtEI68nEDzFFPicqWcHaIOwrJHutMFRF9oDkG0fr4xLwx9xBhN/yuzzeJRJ&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=Zq33RzLJgjkOXA5QWpQI0rOspqh03wN OQyhWBzIQXE=&c=L72T0DRx1gKi VPsPrO 6gL35ltE/MmxmY58W98Ygd/RcjSqoChZFf3Y Jw9KAUoib6P6CHvz/5jNPR4sL2CoK6JEnW/HB m fLmq2QUzb6NXveki7nOqu8kw35ZM1MR&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=VgUk8UF/MPRBu5LnTaOY8XSFeoYn8uxPokM381/3jHs=&c=vn/v7vUjf8cR4v8X5VRSNrruMfVJW21DOuv x5osFvSjJKFkXM95YqxiWbZf7hhzo OxmKeVV6yWcEEnzFZe4PE22Bq6E5G9ni2fHYqgcvq3UdO7Kw2oJKvVqQ3B69x3&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=Vrrgs6KPCjxRRqtUZu/Vj FuCCZjnjpqTM2TR4skLQU=&c=3Njw/3EL6GVX4VMGIegNEfyLFZ3R8dQitYgBHXr1dxlr0DdozTfllqceaZFlnsxOYXcT0qxEaoZPxZ6gSt UzuhwCucT5vwSjxL40JvY3uIBZyCz eHP1ObqOjS9H6wB&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=s7xDC38V8Ly2amsL8LWRTlQyB6VDSTWSmxQKS2GwiNs=&c=hA8WNlUBsYTmrSeS QJJU2N8BexIchRnXJdYl6tQLflQhDdA cvtpTVvVjFQz2jRj638NXNL4ePju0J8rkHZE0iLBt9xzlTDn2A GAhBj 0vdET DiQXpQ0uQUKi7zRa&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=yM 1O70Jbtu1ZhDmS/ BME OeS2sos274u7XqBW eXI=&c=L 3VQ9yQ211jX8PDJHQT7YPltTE6Wqnz4L/ Uwf/6kImjbpytJryvTfr3pXPny2DsRFOLjvlDJACUj5EVJMHRBtDCQfr1Dm/hJrXRX heyQTsuBNgfzVIpZG3p/PwGRm&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.perkyfolderhome.com/c?x=TB4N3j88CyXsaXY3UmVTrMenQX/wnrSjQMixHXD43rA=&c=J0nho6I0a5dQOX5vMSBlmXz2XRP8QeNkyqBrZFRaYg wRsPqLbCr2c8Jv2WFSAF7X0xmlt1hZV294YATMHE4eK3stf9MewG Zr0nMDMbqe6h5qtE8tsc0k8rfLO/MYBA&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x= qF3roNUx8MT9IV0Ex/bVyIQ1BiVejBpifKA5xbBy1U=&c=ywjrwLKiUzzcbIRoXyXBoB0DewFqYhKCrBGBL0wOW2ETCE3yAPj0yrgqSoitCClmgf0WS2VwfxP3/vItiyww3016SAo3G7R8OPoPdVa96lsGNYIBFyDpqOUzbq1oOGWU&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=jVlEN2tEePoz97ALKjZha5mqiDMlck4J8Lz389Ne7qI=&c=g9mDC4HDJ789wN gKd 7t3Qx9C995GG/yY GvwQyRXItzg3F04gsM8eE29llOMWWjM1qbGYi0/tNnlKWlcnfF6G6XjxQJwUgYctodvMRV3IRmqJdks9YSZt20JzeARz&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=CKdvypCv5 FXLhb ag6ZzCqD7Jy5VnTREO/cIc8fWwk=&c=krE/yWhFQzXwm1LwVeWXK94cxRgmQMZovKF8q LC0b0JuB4/ZnMuEVhyZvS3aQjt9iJFByjBOApdMzvylRuMofXB2rPzzyb4NR wuJwaaAZPkleg KsN4HqXhwRkPak9&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=w29A5bFPg sQEkIqQUh2G3EZ9xnkNFl8nnVa5XKhVeo=&c=VXT0sQIWQ61SHzxQDjAMpMe7K9sdPImNagFzpVCOwRtGBFF07rI9J0TGlARA/7FjV1tFnF2xT2b3sCD K0SQglJl4GHlKV8ofFvmXJY1wrMhtxy8gpMUQD3FZWBCJ0D4&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=X ueCU10qLSylI/iAx3Gq9nSthYaKMaC/iBy/B1T2CI=&c=LYf 1zwDmFt7FJz8JZ7SZELTO9PulRpyOdq/TBz770 Mh63dgGMqYh6KnuLROrOjf/GG0h17CKkZp2/ByjWOSYpttEDYHdvgw39Nnj5HECaXy w95P0Wa7CqdbTqgugc&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=erH a9XFEqEEh0roK/GK96Dtd7rZJlQ BQj 3tGNT7Y=&c=NMUUEo9sDbMieQU0kYmsbbuR4gJGGNmihqKpHdiyQ8QlVTiLmJTxk0RIdwdVFm0Fb/3bHUa4oHob0zNeVlCK1 NWvpIlxgUt1Wz5rHWOW5tjW aUcPAzUE1xiQ0zjKqa&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=U2pMDXfL3zJMw6I00aZjo0 JlSrMSKNuLP2 /K/H38M=&c=n0YhXOWEPY RLSzT4 8LMhuvDX8YheUpEIwYCw/nJZAlZj VXIZN8joPcO4CHgyZhXuqDmlfdV KcL6zYd vPB1iJjuq0ZqJu5CQPm 6Lu/qth8Z7Asq66FX0fq0VzvV&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.perkyfolderhome.com/c?x=HSVRYPP90BivXP5q6FA4K TI/07H uxi 0F03F0HAtQ=&c=9TIr5lbtq1kZmZkmcRfLcbmZfGkLdAY EXbwVApssHjUMOnGdzithODkSTLz1/sn4lA8JblXrH18njPUzCbPWWqyJOG3bbdJBIwAdTyDNvHeH yVE3npb3mO6j6XL1oW71ln4Kk1awlFHLGjrmySCcD6BGacqIhQZO5nL/vD64ppOogLZkDi0gCWnvv5nbvh&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=RYppuGwTThcYW1K kw/vi9XhUcGoDBewBh ZAF tap4=&c=8nF7I5WB 9yM7I4V4eWop8Wv8vsXM3wk3DWQbkYcRMlIMcgH8/scnEjsxfzj uI1n/QRkuv6DIQwB/T1XTUHpHMuETmyhVBpNtK2 sVV99Yy7Vyq3Ht4GmPC0Dsk8xuw&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x=TtMXgUPyHeK5b3Mk5RMSxJibH5UzFnK3JNAd25hygkg=&c=tqG6L7OdgCMxJGtecdkxRI4UBzVxtRsPf6 aiwS64Or0KxN0UbTwxA 81nt9Y5EzypKb7B3ER8kxuQQbpRFcOqEO963ufCFIIMK2OVbSpLry18 ULwZkrSLCxlk6cA L&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

http://www.sendcurrentapp.com/c?x= QBC0jj1TxbPvNTAcNZWEHTsTdpndpWszWPkCzlj9mg=&c=uhxVZ7YD2fsxOjuDp9A2fZFHUjA6sMlIiVvsh2oWHApqfVc /tMDI6U2aWSXHoKcNrLuO7UrRWGMAiwsnbNaSy7drETTac95Ef9qGl tqZTxERN59v6jC3svBe9BdeNy&downloadAs=Movier_Installer.exe&fallback_url=http://.../MovierInstaller.exe

Latest 30 of 124 download URLs

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to 166.ip-164-132-99.eu (164.132.99.166:80)

TCP (HTTP):

Connects to ec2-52-26-136-207.us-west-2.compute.amazonaws.com (52.26.136.207:80)

TCP (HTTP):

Connects to ec2-52-205-119-185.compute-1.amazonaws.com (52.205.119.185:80)

Remove movier_setup_manager.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.