home

p2p-rocket-free.exe

P2P Rocket

Prospera Software, Inc.

The application p2p-rocket-free.exe by Prospera Software has been detected as a potentially unwanted program by 5 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.toucharger.com and multiple other hosts.
Publisher:
P2P Rocket LLC  (signed by Prospera Software, Inc.)

Product:
P2P Rocket

Version:
4.5.0.0

MD5:
d0956c5f1743fbed0e28b92475adb58b

SHA-1:
2295bbc49696ebdea8d56192212706494757bb2a

SHA-256:
d999b8fda3c526db7798997411836012064d002e532ff0e678f88c151bc4a7eb

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
11/9/2025 11:34:32 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

AVG
Generic
2016.0.3030

Bkav FE
W32.HfsAdware
1.3.0.6979

Dr.Web
Program.Unwanted.538
9.0.1.0214

Reason Heuristics
PUP.ProsperaSoftware.Installer (M)
15.8.2.11

Vba32 AntiVirus
Downloader.AdLoad
3.12.26.4

File size:
4.4 MB (4,589,912 bytes)

Copyright:
� P2P Rocket LLC

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\p2p-rocket-free.exe

Digital Signature
Signed by:
Prospera Software, Inc.

Authority:
COMODO CA Limited

Valid from:
5/24/2015 7:00:00 PM

Valid to:
5/24/2016 6:59:59 PM

Subject:
CN="Prospera Software, Inc.", O="Prospera Software, Inc.", POBox=30024, STREET=4539 Arbor Crest Place, L=Suwanee, S=Georgia, PostalCode=30024, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
19A1AE80173FC78EF95D67C4BB75F591

File PE Metadata
Compilation timestamp:
2/24/2012 1:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:+LiBg0rzA5VrhXSn/105kNPugebi087X5rNdryPDSLlZuOee:+LOg0vA5VdXUOCKYDyPDSn8e

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Entropy:
7.9240

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

The file p2p-rocket-free.exe has been seen being distributed by the following 2 URLs.

http://www.toucharger.com/.../8afb010e.dl

http://www.p2procket.com/.../p2p-rocket-free.exe

Remove p2p-rocket-free.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.