stremio_setup.exe

Tocihasal

SpeedyConnector (New Media Holdings Ltd)

The application stremio_setup.exe, “Tocihasal Setup” by SpeedyConnector (New Media Holdings), has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.conceptsnewvaults.com and multiple other hosts.
Publisher:
Gugodota (signed by SpeedyConnector (New Media Holdings Ltd))

Product:
Tocihasal

Description:
Tocihasal Setup

Version:
1.8.4.5

MD5:
8d0841fd82b9fb3f9c3d30a4dfe9ecaf

SHA-1:
a5949764a9d12b8fa71fa6eb30ca77af83b586fe

SHA-256:
4626b97f8efd7781bc6f2f9cee1401f0048102dcef15cc8c9e26a2841684d673

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This is also known as bundleware or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
5/27/2024 3:24:37 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.NewMedia.NMH.Bundler (M)

Engine version:
16.6.16.20

File size:
1.1 MB (1,142,016 bytes)

Product version:
5.0

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Common path:
C:\users\{user}\downloads\stremio_setup.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/8/2016 1:48:06 PM

Valid to:
7/2/2017 3:25:43 PM

Subject:
CN=SpeedyConnector (New Media Holdings Ltd), O=SpeedyConnector (New Media Holdings Ltd), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121FD2D6EA2DEFFFFC3698923DA733CCD42

File PE Metadata
Compilation timestamp:
6/19/1992 10:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:pQiDmUFAxFkIhnkEixcVh/XOFIdCq3JhY5xmnrP79c:p9IxiPTihX6D8i5xmL7+

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file stremio_setup.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 227 download URLs
