home

stremio_setup.exe

Reho

Agile Delivery (Alpha Criteria Ltd.)

The application stremio_setup.exe, “Reho Setup ” by Agile Delivery (Alpha Criteria) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.quickbitspackage.com and multiple other hosts.
Publisher:
Hopim   (signed by Agile Delivery (Alpha Criteria Ltd.))

Product:
Reho

Description:
Reho Setup

MD5:
92a288bb243a9b9d6b3891d7fb9600b8

SHA-1:
5aa1e039f2b9c64ba8eb1cde139e8b996b34fc8a

SHA-256:
7e62724c34f542784e58baa1928ea1f13b9296e4ca121ca75952a682a9013864

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
5/25/2024 10:55:21 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.AC.Installer (M)
16.5.13.17

File size:
1.1 MB (1,147,776 bytes)

Product version:
2.8

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\stremio_setup.exe

Digital Signature
Signed by:
Agile Delivery (Alpha Criteria Ltd.)

Authority:
GlobalSign nv-sa

Valid from:
12/16/2015 5:53:29 PM

Valid to:
9/2/2016 3:59:04 PM

Subject:
CN=Agile Delivery (Alpha Criteria Ltd.), O=Agile Delivery (Alpha Criteria Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112167FD2CE27007C69C69FE47CED0A20713

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:d9mq2z7/iABysupZZEGpUgNCos0Uz2FUZyWi73v1IN8:dgzzOA0skZZjvtFUcN7feN

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.8912

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file stremio_setup.exe has been seen being distributed by the following 35 URLs.

http://www.quickbitspackage.com/c?x=9cO8todd4IE01 YVFK3/Xc33uC GezNFAT4QRv5otIQ=&c=wKemiju9ptH96Kh07KWLrCfaDnClH43aU74GUzgtOX1jjcd836RJhqkEh90Apm6btjocbMEGVCdTTzIhW9 pKZPtZw64U7SDPiWn1igtsrJFyT 15kNa6hcaQmrrwAelhbZwXehZSn1wSEloYuwMo0yWeKiy3QGH2lCju7QxGC4VLCnywRQrj8raiEhoDQsa&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=kevj6SndAQPJYkDY3VH3Ljqhr2SFX9OPtybPnAoxGWA=&c=yMx/j4//xH Kg/6uNOQNXhMPh0XKNsb9ehfvPaAuUuQ9C58blL6oX5VpsSV5QH4qv4Dvhhg36WOehC7mifKbPHlvi2 TmxjcQhQdwk6JzLBUQlwxukjcofMqwzMuO8gXSkTTQAtONAcNTlbQLg0XqDuMVL4Ri8joepIHroroUog=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.downloadstowersguard.com/c?x=B5t2UxPBF5D8swT4TfRol0eQtIMpjdD44HuwYFLwfao=&c=g7/IkceHBH6G KcnsNXxaa6YzkSO9/I1YcAednHxiluSBzv09GKScMXi7SYoeoxxRnurgv58r919qG7EYQXu0XVsLxT19CRZT8hvVRAUzVmgVXnK5iYFdoOjEual9SER/nR4Mgkh/G1ky km9th bdyMxkD7Fl0geL5huNGsoiQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.10.exe

http://www.quickbitspackage.com/c?x=Xw9xysUajt5i/utnXJFDwtbykfqytfQK1k0rJv7PFiQ=&c=z8tj p19PVZOUm3XO0EaDjJUgCynF39FNAFYGoXj2Gy1iT/x1vfwAXkHjel2 RDrq09U5 eF6b7dV5T8xtLo3SM9rREpcX91eNPMUXpEwhBUIJZ0ALrXMiroKk0sPucZpjN5SO3qCNWO2KVNVsJqhCExEfzfl2to9z YOzPF86XYX2JWFVXm9esxyJfvpj0f&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=lxhjPBtMd6O2rMPp9OV5Dx4eRjNBiw7rTL9Ra5F5QXE=&c=iblVKrFVl8Y2F8qTAISDyBkcRj5JV4EMxW1Fi8OdET/Yj/qfiBtGcc2kofKiYxKiMS6XrFyScpDcvk/pRO4GQ6SPqDYMyvUDrnZihvFsu00NNQISAJ3IXInPB9siVQao3Qp 6bqMOESvC 6XtRfi5vIB0O 9NMKB8jc6OcDZPKnEcPCJXpJDIyViEvvb J8K&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=zhpscSbTf5dq3QN5OljQQlpaamV xKT56rp6unDeKOE=&c=3gc1/J/pq RyOEu 2tAY95FvWo6UWKLN0sH5yILaZziZ8T F9jf8FRc/F4XXJYYNJ2Jqry4WO3PcbJXmUTEoAJuDkPFuOVsqxfHpt6yjM02uFwi4UnbO9z/lbIhg8pUaE0q4ITg7gz77Ko5f8bgxEt9KZfR1hYJsFShyDH2Hmo=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=kemPWLXbo5uqx/51NPVfhWDzrhGNMYp27ShBXHySztI=&c=rTyBkNn11SyYIE3K3/xWRRrh84Jobv6XrLVHnrno31vHXCfiltwm3dznVosSp4HKKUFAa8zdQb/BtyzNgV2h/KqL1f6QXjvE61hRTJIFAWdppiz7dDvuqEAfFJclhQJcFQv91ZdmXfg5J2kczTpbWy7XX ITPI3mjyf3e29 RT0=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=C007rYg27rGhvdZaGTM3SubzIRi BEaI6H8Z40AQtHI=&c=6iApSJ/g9pZj7a0a1EsBv0UIUMjPmK1p F4vZgbQV6jCFPX9vgliimTD2 RHgjtnl4RcjXEkyFDqRqkUUHTOvt 1eUaO5t9tNQ8MEeFGHyLAVt021UI6WQGBADZtgdji7RWv/GoAYTvkUNyIzNKAplnesJYL6oLybsME chPAEL9If9zn252Gk7UjrNI2 M6&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=V dlXH eTKe8Yfka Wx3r8Dg37ER4gMnkH55aN3PS28=&c=OqWY93VkEDKSK6mWA0TBCw/Nt76s4QA Uj4o7Nw eGQfxivxV/g18qS6VmavO/xfJW8p5Nf/kYcyNd3t0mkwP6cm9lF56nmKvtQyQAFgAs6P3wEW1idYoTZi/6b7/ErhYoW1XRqTmb5vX7dprf6C1AZdj5nEc4tSYZdimPOeyVU=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=juwAavRvrr8GWhdygG7KwO9cRwHuKp8o 8yHswEadXQ=&c=jdkJ RlM3JWitWzfAZukpWi7IPzBpD4LlKN6CWm2ha7PugdsXybLniz5ITwkd04DQbmddZXXpwCzMVDJ4oJdkJ5TbD0acgvjnk74bOUEfnXvqaaeVeY mOlp7vB3bDZ3 S8uCUW2 85ftihB0XyMk13ygC/D2dFJcJUHtSt3uIw=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=HwESQs7uYzev2u2bslfdOSlej4WE31k1ydGVSN2lJXE=&c=jXlLmyVEOovycEse69N0OUFSx40n04WBWPTs09YaryhtPDqUjzcZ1UXVi5SP8IdKI4XT5VA/KU6COZLOtsH 9uLviwZTXXFmGw9jGVmc4bbQhR9sMZwCb8RU523ODjg3zsxbNBeMishwYktpt3ZoRr4XdArZ6vKEePkEpSca1go=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=5M3ybafG seog1FF1VEdAF01V98maHPFeBDG3SLb fQ=&c=G/wL32n4i6jc219FqQ2B5ilm7oTlSaenQXltvYFHYJqFYFEQUa8Y4Wc4OCrAyDskwfqphaa0VMZDvAkw2JlvBrsQXYu8YvvTJbMlQ4bfJNYG98BuLO4N5ZakklLNDEoiJeeRJXs/CAMYIbjImphE4dV04GvlavpSahpP2qZRrIQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://strem.io/download?sid=eyJsaWQiOiJJTkVUIiwibm93IjoxNDYzMjMxOTU0fQ==

http://www.quickbitspackage.com/c?x=6zN6Yx5VgmhWo7ZXEujPDl7xxfqWhgw75cMUhxGZGuU=&c=ca8YIojOT/Ab7beS7aZ2XUGB6ks0boRaZVh3EynjKsgUbS28LNLb1iwZRugvWB7IGNS0MSgXgNO21kq/cvybk1z3oVkFOSCoGlIPe20u4pJyNxSWmi vM7goM7AYUXl7xEbOZZgQvzVO90GPB1nsZB4vSCw1GRTpPp9KDfQJhmQ=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=uB/IvJ1ZLtNiEUEIzgQbws3kc6KDRASDMrUIPlEKV/k=&c=50E/s5KKA9JhD4X4xTlAVr0ck VNjWLhJRO575KnvEm1O9PjQTUc3OlCy8lujmoJvl46duHEd7aauUnoQfvWLg7ykW1vYymW71cCC/2afI5hd4eHvtrWXxlxPZy8Pi96x0LZK0LwKrRCrR xLIk aA9toyND2TsoTNEX3hnzIBA=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=vQEoVM81HdOoClQaOmMF0v1/f7l0yAWPcfdbF1k6ShQ=&c=BkXrM2S1OmJrC1vNGLD91oiLU8EG5u8selOVS8l61M19YIwJvOhjG808zwaVCyyHoNJvNYtX1cjrZGuj8rG6e8aO4Tf0M55lThW7aiafc4jiOfZkcOOw4k321wJ3kOYiq KSMTxOhOksyZCwJcaGqJYAeOg8leZ4tZvDiQRSPum4P90GPFZDzcgn69Lfca3Q&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=R0GpshaBghbHIX6jVr9AYiq5NNzrEJB3Jfbac1/oSz4=&c=ZImKIs8KO1DuvUdxcgzplBPM sxvUuEDwiCm0WMFQhz1c3cD5E1dDn89Q6QGUysCo/DlXftsaWs8p8 SPuTtjYYQFWOG7 JgGZk/0 IAjqIQdCPaIlLyDd8YiYE xnQ3Utdn9b1TiSN1DM1kw/3DXUD2WAnly4sm1k8BPlrklRtiT4VtqvzGmJHoo0aMalqO&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=bN gsPOWhp90t9iuR8VAe IzFSSXUuT4F7KvzaNStu4=&c=pqdxOUr3deKDHOngLi805Lewl0gq2e41eQrP71 On Xe32m4 ewprpdw3gJYRVcSlUzk915E 34IC8VtQQntbKP4NRNr1w9QSLuvDCnyA HM tGt0bL rYUddiWJRS3DZnNcMHTsKGVsWmQ0vdZqoVeZCwMKIvwkRL16a1Grs0s=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=jZlt2URm0crFIQbYX18EFkLGrQ4n4jZk61Y 2jWIpVY=&c=PN9Q/QBkSZU0xlho/vXDQFD20U4otc6R68x4fRIpmWJXON3gu0W iXhVxDCVEWWhjNOUuH8 P7aHlXDu133mmhgrvUrBnmaoa3Jz1ooqkzHn4emXMwm2Vo9/5Ao4u6aahS3h0McnqwSu3fAtA0gG9rj6tJ2tU9HIU92t frlKiU=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=4lKr9h2s h48ePc6DoUTsLR7a2SwsjzBe3dvpGvGliA=&c=mvkjDMpi5iuzudcJMkfa6MDdw/LjHWMmjWAqATKiINy5NCHDgErJ5ljU9InOFIJcl51N49WXSstJlgV9Sugu3lX1fGOasHn3aCpi1n9u3iE9/xKjBXvF8plYPjNFF45I8nVzzNkQWCk2GiN B7eEKRfKk1CYsSkkCbljTJ2SO1nyo8UtHLv1DVgsMab02d3N&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=zLU10 NSUz19 LmBHsiepq8wnzw49B2Nt5464lhiAtU=&c=MyP/FDM6joqxizNZcNW6aBWeOCaCpyg3ARYfsDbyTDqePiLCSDV8byZ6Kw5kqNnIxJTOhTBwYVVHd9lmV1V9Srk fXS11VTzw3VIiiM/t4XGVfxgr86sxECWmFwqoXn1xhbqgFvDU7Sco77vpMwah/S4TuaN4kqV5TSy1E3qwzwuZz92IZA2hL/PCxvBpJ6L&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=auK9fqKmU9MBgzeULhXxh8aBriZ T3kmP9qf2IbDm44=&c=l0vTm8V3 BzYxabOLBoYgR8iYIW3CBAxaecH7face0JcqBYTIG9lCnJH stEDeGDwLpwk9C4BYKLSUgD/HP8HUFBrtrwu30OCrhkKY8MdNOZIEgw8KGihhUOB8fcYqFi1O4P281VL0w52NOK3c6e/z10VijWgIYYjitGg/31xR8=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=9ZOl/JQRhIZbx1h7Yp7CbZs77Cjt8/vqsb58Ofi1yEU=&c=z GscG65taD7vy9h7X//gFZ83QgB7bzpv8MVvLpPI C9BQS4lmGdWhW31hFi/Na9ORFxMq0cyvYc1IBloX7tjQW1Xiwjng2dkEYDcMzo75U=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=7A1mYC3e9KM5x3yaoIPi6Ff/Vt9pz8o0vlhQ5l1iWGE=&c=myBIm9mGU5cbUXFWAnducjpeFMr5xB24u62WsqaI0ER5jVoHBt9xBp1VXnlfZT7MZDQ9QcEwYUY 2PmOsSZY/Xuobykyn3Hm4iHkHxH6sV4FevoPBMOGtL/xqBLWty6nVHdLQYuWM5QXGYWiDu9qVAklinY petpcYaUFZ8b01ugQcnmyRays322lJ2RFRuP&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=7MTpLe qCd2Copq2cfsnqxJfWZP7nArHZ5jYUV9ZGNU=&c=bEggwnfsNbh1O48kZhQ1EkK12rYBEBqnB5eZic68TfgqqeIvkR85jxVX2q1YbXjEzu3CM0FnG7vzH79NPA/6khVGjVnK/YaWIh5qY4ysjHKZP4ctTpUgz/w9yVXnGhmUPzCQOtJGM KmnxTeq8lRgvpqiUGkHqotOr1vcjDEiYqNo tT7HxM5niRWYmTY5wC&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=OgtyIBLuv/w5Iz4TG02rDm0NJCwSVEPuaaD3yOSPE84=&c=jI2WnDNKUsYtRhkkfrKC87LNPn8W6H0xXZRmP7kegvMcDMA6JAEGi54r3u5ErKEE5C3Gm4uFwIkWKboeEwA9jcp0nHCFNQgsAM1pvWhbSaP0/MG3NnoU24t/cAC1xnARsz7SWAPmPIp6RXwQi/MzwSg4AwIf dy en7/0vHDAlygg1K0mWrhasH2XD48Fp2o&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=m3RGIdMI xquKsQfsUAC0qGXXD/n93q40JJMHIhzN44=&c=VvWD10sZoW5oaFdMcGsq6FDQIauqGay4A DMnHdB0NrTM6aoROmBuoKkLGky35Wgj1KBRavHVPeEluIZ0qbEoC/7L2WWfoS4RJlIgU9xh8oGHDV it4ql1GxwJ6eOmY 6GTW4e2mx7UIO1iSFdIzJ30dgsWXk8cDTAONWNMLar/Bn6VSbtSskPBLnoHga2TO&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=EYd02rGFbD0DQ1NTl39/PA2bnCzomyZJSjnvAS Us4g=&c=xT KWgCFQgu9Owa6mszeX5oymtPdh4duDAeTJKqipbL2gDameHKeoY7aTGAedPuup3FzMuCwqt/AsNgUSzECMCA8xV7GRTiHW/TRmPjD0oJo5KNDkVm5l4QBcUykulALaTnmnkLaIRM6zCV09CJ9JYX3 YdEUIT6EX36CQ2uSU7nkzlDyDq5etuBP84M4l9N&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=WVD cTcqMCUboeDTaq/R2X9LxRJOTTC4Dcr1LeZWkSc=&c=sMsOJeo5DA4yxDwykGApvCy8Hv Bh1VS/fylrib0a P6J2O6dhbQDS TTJO4gfbvB1Td4GBgMOgQolhTSjCDAXH8lj1fWWeTDy5VbVbOUR2niJAqWhp/pJTjKYgqvjyqCRZ9B6NI54GAt mDAGaxaKtLVAFnqb4kjrh59SMec M=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

http://www.quickbitspackage.com/c?x=ZeuxF20LU13n3HmoAQa5GKOXLsGIPsVxigHYRp Btao=&c=EpZ58I3Ir/p5KWKz2U Q6kyzhnLm2hR9PN4Qgj0pcTSFHedEODc2hbsc 7IzEN7xO8EUGsUCabEGVf0afHwMrjkCbYPBz8jh0PihJRbJkfRQyKjdvAjU7qerAmpZSPMJPvchp0gAu 16s4z9xyoIqHwQ6NhWJgsOYeUJ6z4xhJo=&downloadAs=Stremio_Setup.exe&fallback_url=http://.../Stremio 3.5.12.exe

Latest 30 of 35 download URLs

Remove stremio_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.