home

pokemon-uranium-beta-4-0-demo-32-bits.exe

Software Installer App

Deliver.com (Fried Cookie Ltd.)

The Fried Cookie installer utilizes the InstallCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application pokemon-uranium-beta-4-0-demo-32-bits.exe, “Software Installer App Setup ” by Deliver.com (Fried Cookie) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
Deliver.com (Fried Cookie Ltd.)  (signed and verified)

Product:
Software Installer App

Description:
Software Installer App Setup

MD5:
a7a9b7f37db7137d923d8927c442269f

SHA-1:
cd955ab71175f8b5785c763ec457fe22e2445623

SHA-256:
7bf72a5ccbc500214408715c1779980e0e367cfcb76b496a317857b7b11bb99b

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
6/22/2025 8:57:03 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.Installer.Installer (M)
16.1.20.16

File size:
732.1 KB (749,672 bytes)

Product version:
4.5

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\pokemon-uranium-beta-4-0-demo-32-bits.exe

Digital Signature
Signed by:
Deliver.com (Fried Cookie Ltd.)

Authority:
GlobalSign nv-sa

Valid from:
11/14/2014 8:12:20 AM

Valid to:
11/15/2015 8:12:20 AM

Subject:
CN=Deliver.com (Fried Cookie Ltd.), O=Deliver.com (Fried Cookie Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112157EDEEF1A59AB086421EA4B8BBEC42ED

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:tRuFahp4J/93LqU4ICjEeQD1T23xvwn79hFuBW4tLVJer31SaVxE4cz:tRuF4p4JRgIFeQD1TGeTFx4Dc5Sak4cz

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, BF, A9, FF, FF, E8, 5E, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file pokemon-uranium-beta-4-0-demo-32-bits.exe has been seen being distributed by the following 4 URLs.

http://cdn.clickjogoscontent.com/?ic_user_id=495&data=r2N4ddaspEfTDW3ORqG2poa7iKdLv1PDK2LW5rulLqDsKr9vkj z0wVzFGjwtCCQim7Pzp2Z/SqLwbDwYe/XRCxn5tLfydgbLcr2EPHU9kmMuvZqcGd LtLgyDJZ8r3FrLKax40iEAgE7vBoZDoztmEYDdDYZfW1jA7pCrxALC/gM965HRwd2KVwQ8LrJtItAuc59XGhhrS9GQCoi15hfI62jXRvQioYUa ZZc5qpydpuOtqqY7hEAkaXlsleuIb1IHkhZ3Nwua38 FdzG/WJgJYkdB7uc2JW6ee29g0cdvvo1k3JpYHY/9iA6ZkCg4t8/npf 06xxG4EWle7j/nIPIJ0p4zYhNPN6H8oWsKpdc/t3FbqwITz4XDhJeARgQJQbKdHZvbRGfSqBPir59OxzUN5Y6GL 1N4I435NA9Cp1Uec1XGhl0uISoYkknV0gJfqTX iAdcJrrmvv QcawYcco5w0pxKLbp9nuzW5gcO6i8IAyy/mAP24o8lmdGRiCQS1dEgoOZ3aMEdlqKzXMy9wXtuNQUpo9WP9rpJBFV6yb7lHNg2GHS12NaBIZXO15Okxv42NHV3n5GkE4FnATZLSZ/1CwnfphL qLjx8rA4yINdzgPn0HDF/vnkVwN0k5q9jRWs hB7ItDoEAc0j0xxzyfMOJaoHdMtFNILUYVM bf6eUvmOgp0IZg8HfEonbqjz7iz7C2v8FeDC4KPN4NSuTVRlMkilVc8Jr6s0 /X0cpPRNtW58EL4GHkpdEH yY7K8B6m6hasRFl603VNwYOyO8seWjNwDyi1/.../oFg9099ykNs8nTzh71mh

http://cdn.clickjogoscontent.com/?ic_user_id=495&data=6/4CxuaNM8hDcjNL2UpUpPnSRhFRJeAXTdibeJbGWvpKtqdHziWsfHJr4MGQnfNAjCvmOtdTlB9bw79wYIobsJPMNq1w5IPgvoMXBFT8bKmG/Pup/PTeQLrtF3X58eRFOkHcaBjXjk9V Sr9gKwczqLEvMxefk1fbzKjZLyJ6x49FO6GCYVBWt5VdkbS3LxTeANbfoMtm6EQ6P/ivWeMAxa9sHzdJ/vOhaIbD447ASyNRM/KtbTQ85qVAyVzvTIu5ontcoSplWQ0NaBDMjNjSz4iEs8z6Y/fH4xDZmFj/MS9RZduSf7hZ1cZLyNkCnTnSjJFC7KpJ2u16u4SHbtwezU4RQfBXEix93ZZazD6iHcPoNcMF7kheWSnRR8DnUt0DFKTVALT8cqOmYvwFR24YQJB6Tv/tKojPMjWxCEZB0lqUItMbhZz3lO30cQgpKuc/JToIDsLE6maxyCpzCjAUTL4BT9B9BaDKDglJT9Ee0luiGLitZjt0qAivbvvlbNi72onoLyPdQwvKpzjz5x AIhgb82scxr9ufsFSx1yZ2ZZDlkSTs74CAZUD9Fjp2c1o88cxLuKIxpPYs8l4dEhhJTCG1VRth/Nrujo8UZzyMU1xRi8EThF1 8oG7e9OsVegk7ZFuIi7MPVNcBquHqceCa3IHOjtiQ7m9J6q1ixZ3FKLLgzh2l83rwzFoHcmPf ksbz5O9FOYLxwrHeDViBmzNMa54JTeQpDTEx87FG2EIdqunSz3 /3wGhXKHKhlHRQOOZNSAkGwpdZBE cwRFIAQUFJ7gkonr8fCLsCQWuY5hydcOhpgH7A0S4JSUSkMDFTCt9GSdCI8rKrKC9yqsR1d8tg/JxEUBfznCCgXGJ iWRBQtzr/.../4L

http://cdn.clickjogoscontent.com/?ic_user_id=495&data=fLvAxjBRD92q3jP2IZa6NYeNN8TrQ85oD7QgCiPv1pvz9z LbK36A1bk6UJXC4TNXn 9VZVYT9DGDNTOLlHcTBGhZn4x4I5c4EWu4WPV9RehCh15 2/Als r5fxCd2HCd6ydSCHQn5nijZVZ4YwKyIpOE qEZx3lNuPvae/Q2 gfA9i3xsGn17ql1hseA3TrkkkF5 RWaHH9a4 L5 63yH3YQlN/OiM0w0SilnORIEhBKT9GvviYPhuRYlOZAOVtY7hXU1X8QTiq3H66ObtRUWZzMQfXOFUANzS4TeL36hZ GS3dNz18Z5hTCpOxUm4G8Zm7G VNfzCguR/Jqzvsp4pqlc17W2LSXOnO9tkVeGJlIbuMNW24h7UHh1jmMJtY eFJmyZiuMWvSZWFcxJjImAbck7eUGNx37R/nmmbsSvPLmMkTTPv6XtiJ0Wa90h4J3Av7AYKyXJMRqikyz6HwpJdiMBaSQ0V/VfYYSYZpXLSo8q8IcX0MOVCEfBQE7t6W9KgICObpfBswvt gyMjUoJWjcORmeYiSElHGTaseLCofbdyBdt1XNM7YfreClnl5tVth31D2ZJqfrp GAvKzoEe8SFvSr4GjRPxYKHLibkE2apDQB6fKZezoU0gQ0ynTbV J7d46Lg9SJ UWlP1QdV6AToBSIua1o8Jx36N13lUYOREUECFH/p/RFC1P9lH22WZwFl2gQflfnxdgztJf21306VO4GZeZYDyZsAUwaQji1Tj XNCQc6Ms1E3ZxZ1Hfi77mS/Z6HK8JXsBtGGbaGMzd27iUxmCctx22CzygD2huWD B6lhfXzY4qVus52u5GRFmKXjW3qudelowqlv1FiFvbryy55xAbKwdxJ6diMg/KT3Pm4lTxKQfQSPSMa&key=NcqcZJ7pZ5E8XxIDFGppx3Ho/.../2d

http://cdn.clickjogoscontent.com/?ic_user_id=495&data=5VFW x79U/wLoHF0b3VUNhpjRhlTdOf7 kdL2cyqWU0WKFti9Z XSxOYVO6OP/bh05NtLSGY95TO3G9BcEhGAgbYoAfLrTYmquQpD/PUXqnrwGIO9q1C4k6nd6AZOAh5T8gMac Llm 8oPchWNoiZhtuy7Z5tM1ki/vqzhA697T22bul5DZUJ IuCkKM8PkCfiZax2wI/H2D8Gl69saOebOqIO690z3xm danATEJUoP7DRLmoT3neoqSfpc/ngq1yPeMGDajlrAXjuN0JR5ynVYg ZYe/HsRYQQ0dAqB9120EpA8m2d/rgrdBZyDvH2hwiJRe0JmbTYp/MYt6jf hh9PKuX/8bfvXInAw9xFRanbrGcot5WrfJ9kDmPbZwM7 aNvnwQZFCqceoBsU6UU71nKT/3eOTO1wWnxcnj3CW7Y8AI9 oMVGaUA/xIc112DqCDUI2scuWDlxamwnwhAQ aFNOS7JSXYYtU4rgmNOvWc0g7H 62AYgg3A7QFG2SgqwKsRm0e17TUjiXnh7UZPd4fGovlOvrSZW4jDoPIYPIODOJHJdK7Zp1 jXVg0VtpV22a3c82U7KYf5BqI/p9rdhSbKe6T9QhrROaoliUZdU5De9itxgqzyqPHGAh8udVRE1xnZxPaoRPDrUW/NSaBZoq/9tx11aGvzt9VJH3yPcLuRqHpBBNDOaIFyBUX9czUytEa/HJLiJwdzXf DW/6ljn8 kv7CqLhnkyPNl8XsjIqM4tcnVx0xcgcjz/lCX6tQLlH/.../VWW

Remove pokemon-uranium-beta-4-0-demo-32-bits.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.