ac3filter_1_63b.exe

AC3Filter

Alexander Vigovsky

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from letoltes.szoftverbazis.hu and multiple other hosts.
Publisher:
Alexander Vigovsky

Product:
AC3Filter

Description:
AC3Filter Setup

MD5:
5afe025aad0383fb66dcade8d1572356

SHA-1:
d7b58766b6f58ab05b10c8112088f6285cb419ed

SHA-256:
a7207dc5c6836527b7526666ea78a9ca7b02b1c5e0f83f79a570b38f3e27f03b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/25/2024 11:55:19 AM UTC  (today)

Scan engine
Detection
Engine version

ViRobot
Worm.Win32.A.VBNA.2661254
2011.4.7.4223

File size:
2.5 MB (2,661,254 bytes)

Copyright:
Copyright (c) 2002-2009 by Alexander Vigovsky

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\Program Files\tfm audio tool\filters\ac3filter_1_63b.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:t2wdywjRx/BJRao7M2UkjcEsf+ONsjrmT36kFiVyQEop564RJkp33+Qoai:4wdjLbMHnQr2x84ySVnHni

Entry address:
0x9A94

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 32, 96, FF, FF, E8, 39, A8, FF, FF, E8, 64, CA, FF, FF, E8, AB, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 47, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 10, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 94, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, E3, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9966

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36.5 KB (37,376 bytes)

The file ac3filter_1_63b.exe has been discovered within the following programs.

League of Legends  by Riot Games
League of Legends (LoL) is a multiplayer online battle arena video game developed and published by Riot Games for Microsoft Windows. Players are formed into 2 even teams of Champions, 3v3 or 5v5. League of Legends is a session-based game.
www.RiotGames.com
12% remove it
MEDIA Revolution  by IN MEDIA KG
Publisher's description - “By it's enormous function range and the support of numerous media formats MEDIARevolution is the only Player you really need on your PC! Apart from playing video and audio files as well as DVD's, you get a complete media administration and a digital video recorder.”
www.in-mediakg.de/software/mediarevolution/mediarevolution.shtml
7% remove it
 
Powered by Should I Remove It?

The file ac3filter_1_63b.exe has been seen being distributed by the following 13 URLs.

http://letoltes.szoftverbazis.hu/kyLqmhFygTDwGSZrd08dAQ/1477812474/.../ac3filter_1_63b.exe

http://s6433.chomikuj.pl/File.aspx?e=0FzxfCiBX8z2qAKxgP2encMr4EAulHQWjQG83ecHGhTbZ8I3ghIRZhADNWnCcYqdGYpLqZ36AwxPXpIZEYO0gSYBaYI1bwKK5NUKwKys4CpIaQPG2kbNFHI4m1XSTZr0XpbQIoyFWjxfXhDfwrR-Ng&pv=2

http://mail.twc.com/do/mail/.../download?msgId=INBOXDELIM1477&part=2&l=en-US&v=twc_theme

http://www.gomlab.com/eng/.../down.html?seq=191

Scan ac3filter_1_63b.exe - Powered by Reason Core Security