home

mp3rocket_setup.exe

Putolafo

MP3 TechSupport LLC

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application mp3rocket_setup.exe, “Putolafo Setup ” by MP3 TechSupport has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. It is also typically executed from an Internet Explorer cache folder. The file has been seen being downloaded from www.hostflashconcepts.com and multiple other hosts.
Publisher:
MP3 TechSupport LLC  (signed and verified)

Product:
Putolafo

Description:
Putolafo Setup

Version:
4.4.4.8

MD5:
b6756935df5968145829e48336bcf8ac

SHA-1:
3ba51daded2100b3bca2e8ad89d71f458123f567

SHA-256:
74c38e9ad98f546a0bdfd83c3c317daa6df160d0aa72ed8ed58f4ffba7d658a0

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:
4/28/2024 10:33:52 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.installCore (M)
16.12.20.0

File size:
1.4 MB (1,477,832 bytes)

Product version:
1.5

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\mp3rocket_setup.exe

Digital Signature
Signed by:
MP3 TechSupport LLC

Authority:
COMODO CA Limited

Valid from:
4/20/2016 8:00:00 PM

Valid to:
4/21/2017 7:59:59 PM

Subject:
CN=MP3 TechSupport LLC, O=MP3 TechSupport LLC, STREET=3051 W Maple Loop Dr Ste 201, L=Lehi, S=Utah, PostalCode=84043, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0081ECF0B90414131BF9016277516512CB

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, A7, 86, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9597

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file mp3rocket_setup.exe has been seen being distributed by the following 50 URLs.

http://www.hostflashconcepts.com/QpVfIJccgwpnZcuS4QhjOI12l_e2UuqTiFUWeSzd1mCgEA2febK0Ws4isQ9ZkzVLDrR8aH0r9YmQ3wPEZry JBigFZWrDgHpu8Jwq3r8fkM 2J4oaa96kwXn7bL7GZABoKb2edOt14goZc6do2MP2ttzqVLyjw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/N_9AZb2I0iW39r6R8Iwxic43RNl_seXWm73qQjG8aZqdxcRsdPy_q2fmCDyUixSisQjj7tSsLrDf4ZNiKFW3kILnTichVdmgcUm5ndlL 1NjiCtbmDDV_13jWXMOpRX2PUkI0_KuFmJjvwV05WuyKYQqqByBvA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/duzCmiIJsFQfSABnuTl42wDDLwf_n0Y1ai4vn040zKoyj4wotBGaB5QbnlpZc1BdCVkIc1e7iEeq7 HUw9BHX5wLD7JeTuRJScqSlM6iT8Ih1aOnwMt8dLf6pL3h6H9RWhe2pfci77zp9H4UYa_4ShWsV1Lrsw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/ tnCmiOC5CkE2TKJakMFCh5xaZBaMWKHjoA9B w__073mEIEfeQem DuqnN3zH3AIUaqxChSXnMuTLJt0VAKp5sra5LRGmgqETsqyHrts3q6Y3hmJCddNk5U AyMAn70OrVq3ThVqWjx3bwiSSae62I_e6aPg==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/cy fcw6ixvU6KlXonNeR5E5G14HX hFBKD3xLQrCd_JReRjlkxW6JFJczBov4SJ1pSEZya_bL9sjiFC7h2Fz2qIAKPSe2J9zEVhJxOT3T0Je5ktEhavyqlWlaKiDFzYm0rtlR_G09iFb3BwVyyCbjTqSauUYQA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/B1C3cUZXpQ7TAsd1QjAVp0gN97L aG4Oe63xg08M88e4zExKTwbUa4rBn7C8MMSBUu LiWalf0WVqYL_mR2ySdtjUlpSFZrXHswlby4ry0d sforDaiq5vLnkUCopgcCzBZf35GtdSAzTBkq_BvluPrik_pvvA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/z1ntcZtl4eF 9go9l3T8SPWjCICW6COjwglxWOZ2w9zrGjaB7mviVwcj17gIhgfjJOSe43iWOJfpseCLwD1OrhfknZC_EAioE0HVnO6qc3GR0sZC5tFC7wW5NPy0wpFUYSFsv1S3unnwWmV86WQdH5YeTX6fLQ==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/ICmfMVTEAPO6lnx7JZeSby50wB9oZhl0PCF4ngzfZ6Hn9mOrKVllpHVdgKz4Yss8NiZWAOQpNbTVOT9xUx5 9YjD00u6nr_PwrCazKXTqaqe4Sw61byjvva3ZHDsR3Gbwecd 8qM4 at8W4HkBvy3SUSG064sQ==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/zafdXTtMfNUAjxUkvzGereFrXAwqHseuB4iJTkr ceQB9TlDOhBwoMgWHpcNvasFsSZSPv8h54NSLjtGkL_9991S_tiMrAzc03qJbqegenITa WxpcYxr7swn3QUt_HO2HXA ox6SmQueB2mk9GjXhMtfgYPdQ==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/ JkPmoQWNVz1na WuebfFWEiwz6iA5OPAmFZt 0niqMiCt0cxaQfnHUrQtZswIZxtfN_zgaostoLGHlfwCGd7Q qFIk gFKzMm49fNwIQUjk8_7g zGgX4FmPik_gntak5LEWrEOmLlpfCM VW1B93y2vN4M0Q==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/sMlb1r8QCxYayp0stJVDjtWWzda3UEHRpl8GMYY15Jpa6XWdTpHLp9V4XUdEusLV68zj fQ_66XgA_DVTG6uq8i_dyfeU2CNie9zrpVHGUuZPe00ZGs5SwYxFZmlSEpTg6t7T401K0NG6qZoWQznb_I9vuc7Ig==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/_QJlq1EWVJSQKXnCQGpj88zR2RDgFTPD1R1EDeVG1d38u uKxLBkNEv4MSnQ6x8kUvg_Nb2S36eDi2WV5Ykge0x5Q390zf_LEreqbrVHN88Jhk4oozvPpPoJyO7TlDvX66ymNBMOhPyvB0o8NGLrNeN4bzRhcQ==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/r4kgxLq4KsajmvSXkIgEWfX_hcrRU1JGnsuKErjsj3VDF2AHeWUGrhP9ICqWIQQj_F_3ZYRxM xbyw103o tBSrYWG7tMUsR8AivfqkPNeuKLdSGdBrCMXz j1ylU5hd90S1GJHH2QLIwLHYr8akgG rflh1ng==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/oxi 6MEQucwspS0brWnnzkYUUkfMW3bKH9Ca6qePKaSKYuNxB8uC3pb9OjMbjq4GLKXeFIXhLuAKXD88BCktmLz4L_9dD_gB7hOdNxRO0aZOYHKN2rArOhWsllUoL5WWv8i4vhdyCcUsMmD y0 XMGjpeuB57A==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/Zc8QIRMuzam 9879DxOJz5bliWOKrDLWLIuZXGNSTXwGhn3KST2vbpSndEVOO4q_yBx3zenNCNLFdNw1x4jRsYtzF1aSUkDmt4iPmgrNGV6dT6JVOU7pp0D4oExVhRNj74YakfVhPFWd nn9o3OWpuKWuWOikA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/WCplQoF096qq7514V4DGpJxEcUSt6NC1xH15KaFLIKOEy1J73COK7U4LlSFAHQ5w_oLs8mrGHIXKt E7lcB7dWlB4__khuMNIgOEV5if49dmnB8V2wxNjj69sG4jrZxZKDH5XAVD9Acd__EuQzWos98qYuUS6Q==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/bOKvyBZVFnDezaB61B83Nl5NvoVj4Hx1Px axwj3HWmBdcWtf LHSknq5kQ6Aqkmvv18oDTKoJjwOK8NAjtFF4snary3Hdx aVrW8 8UPaTkb3knicUqt5qrHSN Vwl6eB4sc9_B06x31b0CKQD4t p_hKZjIg==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/UizPQ4OyXs0TpB_7Iyg_n2yeEP2YIBH8od4sO7VXtNkGm1qpQT96vYJqhP6h4IkvOysYmFeuKRtkxtnv_HcckS_RguOs95SrflIFesu5s16E8yx6OMhbfUg8OluC8nxw6nc294ImbDHZ8wELqNePDO5dS2oNlw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/iMnRfD5mRxGLhzKQGIyzNjpo9is7rRYk8R6T_LYu6 m0a7WAl9JpqvuEbLcgywkx1AbyMJWUsbmfrd4tVNeLQoFQqkW2c Vl1xfb7Py7XIlhOkk23JDeW5GDvyzgny1abtFQp5A5Eerz7uVRj45sH5vdZaT_Mg==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/sI5diDwfYFV3AeSRERGTi7HxT6JfoDxI9SRubXkGkoxXGCrzSFlGm0b9ZpC6HQJue39aNWhd4 vGCgcE89fdy6m0vUjMZf0MKYTL0lALT4wCHu_npItnrXsZFto50C6cldk4OT KxrYbhI2sitJvw0Mv2ROVNw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/uawO35RDgezA0ZcoDmCVK cPrkESyC5KSuLQI2EihKpiskz938i2N4wx92nYS_QZiB_pPyABLmLF5w90gGzz0LRBlFyfa5_vY0N8Ywoq ck6obUwPAFejTYod3vQjmcGfdL1IBsTnzbwIoRzywyTBR1rzrNxUw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/1f1JAzUo3ylvrKB2M3dbEbqfOp6k 9_Ucv4R_ FjrxZ2G3xpIDYzxwy2_Wrrt6NZFRAtESpL1uJTaIEbL3_u4aD s05J5bkFKD2ARCCi895J90EEj1PfdphBFkMRpYJcyAEWA6s_zDxFq 1FT7PfJpfghHEv8Q==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/oCvQnZlig7K7 DbAm5PTWKX5lMjFma4VTmGMR6XR6MrHoGbXSDcX92ZWBQ8gNZGfSj_9SZ2LDQ5YnaaSDD8T4r9ylVKT94Ig_ikET5FLdY3Uzuqr22DvsRNt6ZB30HAOjjxs4i2s5pWngCiY3nQWNLhdLPNOMw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/KMzLkfqFbuOhL6zHE9JvPQz8n3CsgKxzf4E74ab9xgNbPpWUnOPwBqfIZkbH 4ci6OqCHalSftIygtIJmICbrqrdEQsqWdyDDBLK4qjyvIEkPOectxprDnHjCTBObUNCY_cp08nL4EY0E7KMeRGv13zpS4C g==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/pTfIh_TqzVWmvsRRzUq4ylid5FiX2sNZKpfpNUSzJW0QR3tnqsthbDky8aG6mDZgx9mnFli_gqqha6xAdLQTLBk0fAmzBJMpd_kTnVbzdQnWA7 _slGZ7fsnNHZa4iBKHOPZBT3X3ff0DrOiBbiUk3L57PHVdA==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/LazCFS0uk6dAfLGje19o 2eq5gSoJ1U_v13_xFVDo4njBmKkw_a20OH0 s109QbllAYsyo_VummM7 Pf Qs1cd23_wWqm5kJdUmE GIbYq9kpIXgS ZYFND1X5clT0KwzI9iBQICbJyy8_oCcwCtvOAAZ6Ie5Q==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/euGfaIVHna9iF58nmCPcodxMwio2UR5BgFMChUSDoB8SOIZuAFiIUISmttlu07gUY5isHhVSTYKYWZIBfJd2WlxeRYHrhFDf9_t5uZBLOXzatR5Jm5RcnSvLUDh3SdAPy8VzQQaGHHO0YpumRK09d54IyONG8A==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/M zj0Mrs2WlloODZPLFqtiafq9bjC9yc3yDg4hByKqWFasXI7Ej8DVkYf8TwCg0qnYJBV4TOG2BcV3sGh4SawqAmNxUlbWaxcyCttgUV9ch OFSEmcb6FKxKRRy d0cWD87Kejyut2TattfXZkCAkQdYayzUfg==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/I7vIuKc7gYdyr6QwgOSJ4nXT 1vPx NtyO J4s3mgJf8P_aUYnq4fTCgwjtKA1uXpM1TyToVBZRpT1taM2CxnXVIc6Arxq9_LHX5AtB9e J2sdvjiNIRgWWAIGv8sJcreUFsWNP0zm47h4eeIWU3fgu10oKa0A==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

http://www.hostflashconcepts.com/NQd3g2498Lkf9AzxUoC1n7lo0wtzwAe6QmCXl2Xa_XWMjEEFdKk_l8Jb0I77nW1JHl6_lKgq7CKnHWBRnvZ1YzwQf9 1W6eT0ZNEUHi6Bl6HIaUki VhOf8iArGuqHhq3yeNi5g56trH uzAvykqDO032EKwGw==-Gy8AAATqZLG9ICbhNJvtBeCQA_a3IsnCYGPsXNFGfmPGr6spU1DQc8ym53HiAQ==

Latest 30 of 170 download URLs

Remove mp3rocket_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.