AMCapSetup.exe

AMCap (Demo Version)

Noël Danjou

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
Noël Danjou  (signed and verified)

Product:
AMCap (Demo Version)

Description:
AMCap Installer

Version:
9.22.56.3

MD5:
421ac8f8bf9dcf2307a9ba2945b953e5

SHA-1:
0bad70bf4d568f2e7cc74c4b39a41be0318a9ab7

SHA-256:
15b3547774c9d6146efbcda7edce50e06940e3cf2c8a9a7c99a9420c3a9a5ba4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/25/2024 12:09:22 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
Suspicious_GEN.F47V0111
7.2.44

File size:
2.3 MB (2,458,200 bytes)

Product version:
9.22

Copyright:
© 2004-2014, Noël Danjou. All rights reserved.

Original file name:
AMCapSetup.exe

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\amcapsetup.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
3/25/2014 1:00:00 AM

Valid to:
5/31/2017 2:00:00 PM

Subject:
CN=Noël Danjou, O=Noël Danjou, L=Saint Jean des Champs, S=Basse-Normandie, C=FR

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
012D4FB2654975ACADD838F3D21DD2DD

File PE Metadata
Compilation timestamp:
10/7/2014 6:40:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:5WQ4D0BydtPpbST+G631mO9OWnoMpIlMGTJRG:+tdSKGe13OcH5GT

Entry address:
0x335A

Entry point:
81, EC, D8, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 30, 92, 40, 00, 89, 6C, 24, 14, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, BC, 70, 40, 00, 55, FF, 15, AC, 72, 40, 00, 6A, 09, A3, B8, 92, 42, 00, E8, 15, 2F, 00, 00, A3, 04, 92, 42, 00, 55, 8D, 44, 24, 38, 68, B4, 02, 00, 00, 50, 55, 68, A8, 06, 42, 00, FF, 15, 7C, 71, 40, 00, 68, 7C, 93, 40, 00, 68, 00, 82, 42, 00, E8, 80, 2B, 00, 00, FF, 15, 34, 71, 40, 00, BB, 00, 40, 43, 00, 50, 53, E8, 6E, 2B, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
24 KB (24,576 bytes)

The file AMCapSetup.exe has been seen being distributed by the following 50 URLs.

http://dw.uptodown.com/dwn/hCG89gMG6uFi-yGc7bvRQXEvgVX8ppCJiAlOU5qqXtS42_Q3R0gGoNzxyZQqYtbVQONDDBqedEBVl3eCIB050QoTE58stW06xq0Y9Ngm8YjlYUE233u0WtISbyJewaqy/-OXO4ORbyYbOJEzeQPU8pVnM-x2SRrllyVIqVJzMhtKvFYXQVY_cmv03mNnBtpWpIxkSGYXZp_x_0LgtDRqBbCMKLKltMDimWNAl56O8vewxKMyAJPtQ8WR4UizDYlfC/.../

http://dw.uptodown.com/dwn/SzNuxdyHWjnMN74LdBIlZQgF_y9_F5BvScm-I9-EIXXTWc-j699Cgr1_xxrZyUFF2M_h5M-5mLYPxUGOeEWWw3P0BOsVDx_WndMWe-nIr_F_k0gyDVrKcfPLRgP9KUjV/p_AuZGiNqkU21UVXv4y1YycvjBFhGvot_6WYwXntqakeeKLqM8hyN8dr1WIDs5Kglq3wKFZtf2YFEJMkeCyzB9v3yNPl-UGWZfu0N8aLke3P5C-ZsNiE29jpL3kUQBaw/wksaIKnPTjkmHeoii5FAbJ5uUIkdtyAy2WSirFq14cRbHz4M0AFos7UAuEUiHgvPwlUFiLtb3qevTImYCmP6PVDp40HZCwMf6T4JTSzGp4YVEPonoi5_3dXp9EfF4tPC/.../

http://www.lo4d.com/get-file/amcap-webcam-capture/.../

https://dw.uptodown.com/dwn/Ox30fcgiMNQPkbffU8DlX9VL_67q8HE8VvNotO4F_BOl0-OwgJM9cMQGmKPe9rbPAleBTlkgCRfiDyaNLRpbFeV0elvWOGBV-iHkg8K9-scelhTnwhr1C1Khajh7Xs0g/DxwE8Uok4rfIIhCUYvI_DVbOHvdVqDaBPbWB0AABtkZISI_q16D4oQMYzADjzABWBGbLU3tEsHTE1mPmtGbsYi9o98azIKUF2xIvT27yWHF-fsRu3aWv1WsB4hJLSOR-/sN3b4AMMY-V4CXq_EY5gFSstygpJd8oWTUMd5-oc6r_Pe3wtIRUu8NyrhRsXqODKYrdGHM-4jw7fXUWRIsk09fOzqYKpRdAypow9xO-bZ2PG-WOIkh-vpXu4B7f7HweN/.../

http://www.lo4d.com/get-file/amcap-webcam-capture/.../

http://indir.gezginler.net/i/17683/.../

http://indir.gezginler.net/i/17683/.../

http://dw.uptodown.com/dwn/_o65ss7U3emv_bMm2m3thl0TXS02ctSQ1SEhP_XUzh7JluIBBpi2MWsrfyfTtvaHMWkhcHG3EhTWxq0OYwLAjrGbPpzC-SoBeYhFuxKtLpSATyJxpVYbKTXX97fZt3sq/rt3Z8WepaOTpLEASIpAixjm-yw6NAL64uTmELF7dl4FM9a1qtqLLSQ_RX1w0oFiJlKpFWh_R7dzweM3WjmH1DOireRGKzKdYP8-UOtPbBAGj4TM8DXQ_4DpOP_ZHAM65/aOVsSEoJlVlHczQKYt_NxFncDgUlJbqFv_Pi4UWB--YthoSjF-QhZUxLy-jF0oAeDkSkLBkSgq9L5pf4vh9mjK6c6W_HU66Q5CUqafha0SN3ewS2_eWKVnG0tcI_PfdH/.../

http://www.free-codecs.com/download_soft.php?d=239fc756b4d4485e23a31491ca1979fe&s=525&r=&f=amcap.htm

http://indir.gezginler.net/i/17683/.../

http://slc.lo4d.com/files/.../AMCapSetup.exe

http://dw.uptodown.com/dwn/cmQcIwQfau9us9kG4NF99DDtc58Z4uC5V7jiv768MlptA2aVqHD95d__zQTKN6Y17TZbTP7y-BLo9Z5BwMpWC-iHVTdFDbQMqqHpgljNV29IAhJY2BxrJHwuJceoc1bx/PP8N_61goMeu47rnRq1zCTnQj-SJLEBzAPi7DG9Al7LV94myoJ7NAn9DmhWQc5x_jUK4zf3HGhOgMcqmBDqCtlwy1nhFe2zoWKx73bIcKUUau3L0wzjC9M4EudgdzVFy/.../

http://dw.uptodown.com/dwn/bI-PWedg1LMYZmnFscU2RC3DjRB-79gyeKH5hMo3xJnV4JD0IGvyO_o-2p08Mvphff8DYPKDXbMMLeEMaXK1tSLHH_9bK49f_n9syZOqsrB4DcKpJgJlJZCaIUg0fnvv/6VFjkUwnBmSNcy-_eUsWFOyeat3IjBIui3T8KzIpe6Ypu7SS87c-3JbiejUePUAGdA3gd5PJHqQ_DEDIdVv6SyEbY4ALVkFh4B9SUy__ifYFXR-QOT3TDVGfRo8rGn-s/xYfvJeiDELtxbMf4C7GHZ8ft-HCkhlI0ZoCI5_aqLN3_TuQpaD-uopcT56S6W_AmjHQ2hkZGkkhEJZdiB-mVzjHkMPunT8MN_PdJ0srv61Q1PaBsvT7lWBoljZPP2JSe/.../

http://dw.uptodown.com/dwn/rcCPpUw4DaiLUKMPgfzMMYAw82nIRnb2B1pD6SmwjmdMwaCOM5l5Pzf9OlTFL0K3juKu6affwooWqx5_MHrOerqHvMDTNjt5Lj5vspfhbz8McCtqg3bS-6x3i-MJCa8A/FIoYUm5zxSX0Na4Z35t9UiUGn7y6hDYqIl5q6bjZsAh1yd8Ol0xf85ndfyEH27W1oBxGv3Gkkkv2EThLlEdSiWiPE5fh5Mk1dwqHN2N-0Nghq2TTsuHXknx1DL9gWKk9/2FRdKNl4XkJXk0AHlFkNNF5jVTIAlPRnRKgBy93B4L9IBACKUMBb1XYCe8c2Naz7qiF69L10W1kDwcQoGporPCp1-fb7HOSlwIKnJouVtGXwE3rcLChaG1hdBONMbspO/.../

http://www.lo4d.com/get-file/amcap-webcam-capture/.../

http://dw.uptodown.com/dwn/K-NJvv0ZSNT9L-S52aKwKYIzWKB-LW4pHClfPA0q6qu_6zNDMcQSdp9m561N05NGyBLm8pBLxwLppnsSyeJfhXsnpnQcAuz3-utnFVLHouMsXuB_1xAy6t86cscQyu8Q/1K3OeUqKfok0rKIrlWJqq_ZEgDZk-980M8I88m1rNL_MPeGiE22rmJfe_-tkFIixg0ZVer9aGUsXdRBirdlstQJCJ2Te7zaRVkkj5MfXSkXvGSKBWhN6eIyFL71FnkX7/0YjrJ0BUiVYXKOoiBx0me30l3w7xoQDGVYhaaEMAnpnYTk6wCJJPUT4wJ6JFb-LVRq1fo7uoplroNvqINKCzdqm4VWl5TAUOrBCc4xH784ovdmU4W0AZvayB5eSdqS24/.../

http://indir.gezginler.net/i/17683/.../

http://indir.gezginler.net/i/17683/.../

http://indir.gezginler.net/i/17683/.../

http://www.lo4d.com/get-file/amcap-webcam-capture/.../

http://indir.gezginler.net/i/17683/.../

https://q.tusfiles.net/d/.../AMCapSetup.exe

http://amcap.vi.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fnKCMoqKilpk=

https://dw.uptodown.com/dwn/XfmLYni3Jx7OZGG2YkEXQd917MxMN832i-GO6Mj75Wz5RCorY6t_jtMjRTech0P0cIhOaCPBr8WQ4zrDWD0WEPGtMbNAJBuiqeX0A9f_n0aFOt3FrxHhVxOlCjxZFWxq/uudZkYPGFqelwIDtEOGacohCPv1CTsHms215UtDXlk79V7lfZgv4BSNAjlPXkRepkCVcAmp9n_SjLayyT4YJ9cDu3fd0ZEoF5Z_5sWyi9Hq5K2gIFjE6Oxb3yaoFH8cm/5P_NaphZPeBehcWvnUHjLPLVHRMkcnv9CFtztTXeaJmCMRf855Y1mHXfOWf8OncDy_eEgfGlCkrz7NB6_nOMxNMvRHYS5HPDEqQ1tHWYDR615i7-k1c9tLK218vljpgn/.../

http://dw.uptodown.com/dwn/ZHosdmtoWiUoxJZXVnk0OT5NbflCQ59G_9-xfe6RWcoKi9eHDPvMLTb0mICmTkVJyCO-7Kwq7J-NsFIWVo4QT6CQ5P2VYeKLz8Ze03hdQ9httOCRWxaToBLZIf2BD7uN/fOZNu-nXqDGoMm11c_R9s24DfSChbZv2ji4CeiMAiIel297dJV8vY1EB4dstreHPQ1YiRzbRxs_V4cWg9dayvnJMvmi0_kTceu9KJ-ZuMJtk_CByoJSeUY8tkLl8x1uT/045wZL20FjsL4EcFIQjcxd4W1kGMFn9FXkYRLRePcrAR7r6W2kNop8repgiWw6rKT265xxeZZxSP6X9ZvJHVfXYR7sgEe3vi-7NPMr8z4TLgrvj6pdMVmmmhJtPiFxcg/.../

http://indir.gezginler.net/i/17683/.../

https://amcap.vi.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fnKGPp6CnmZo=

http://dw.uptodown.com/dwn/GuTDWGEvf_5ul8AXJPtn_cHjx9WIo7nbYG6-7BcWBzUoDhMZ3NHzGRtXh6n7o_sbJpAjmhZak5tnLkWASwQSs5AhU5rQTcBK1HzR5gknd2yylGVZDKCjEkF2wljPtdP4/goztzdY_axmrX6pxUuIYFiTqXgguEet6PRwUUZ5UC5R-kWZuG8zeebC1plDyxQYZEbDvQyg-TLW6mL2ParaqdUVVAdDNVaXSp-4p0GnROIUOuXfyNY8Ktj73f2qQmkon/.../

http://dw.uptodown.com/dwn/xDE0vhQFHRB55kzh-a3o1ZIjwiKASsB5ofOjNJuw4LFnRllQ3rWThm93GSAjC0Sw7cUB79msB6Xe-u3B60f3FzzuMixuYrYunLZxRbA4NTcUtEt5ml2mL7QG5PI8kWVD/nTkEbjXkRZgzIU0MuWEiuX92T6CFdYAR5NNrWeapMfTWVquBhdzPyObDlnZ4rNNSQkTeB2w_9JtJzWe3ybCmTsTxWjAmGo_S3xSGeEASQjZfWBmYS-wHK6-QGUL_En-p/gmnKibvyywZW1Vnz88XmCESn-RMOJvt8wbeLOWRb5f4sV1-pyltwF0-jr8CYnvMNsWKdGwrjub6sQNUVDnQY2B2SPkW1fGEJ18dlQ_7glM7Fobp3aKB642gf6PYXe0vB/.../

http://www.lo4d.com/get-file/amcap-webcam-capture/.../

Latest 30 of 216 download URLs

Scan AMCapSetup.exe - Powered by Reason Core Security