» ancamcorder_setup_naver_3.0.1.exe
Overview
Analysis
File Details

ancamcorder_setup_naver_3.0.1.exe

(주)이비즈네트웍스

The application ancamcorder_setup_naver_3.0.1.exe by (주)이비즈네트웍스 has been detected as a potentially unwanted program by 10 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.

File name:

Publisher:

(주)이비즈네트웍스 (signed and verified)

MD5:

93401ebcd1436f4eb050857ad88e4a6e

SHA-1:

c444fe18e566659eb1a19e61ea062a0f2302bbdd

SHA-256:

46f750c236a4a6d2b51cbba502ff3598e1ec3a44fed5988e768c5c0cc8246368

Scanner detections:

10 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 8:36:54 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.HfsAdware

1.3.0.6379

Comodo Security

ApplicUnwnt

22354

IKARUS anti.virus

Win32.AdWare

t3scan.1.9.5.0

K7 AntiVirus

Riskware

13.204.16151

Malwarebytes

Adware.KorAd

v2016.12.11.01

McAfee

Artemis!CDA040E0A626

5600.6189

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

Suspici.B731731B

7.2.346

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

40872

File size:

1 MB (1,086,816 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\안캠코더\ancamcorder_setup_naver_3.0.1.exe

Digital Signature

Signed by:

(주)이비즈네트웍스

Authority:

Thawte, Inc.

Valid from:

9/1/2011 9:00:00 AM

Valid to:

9/1/2013 8:59:59 AM

Subject:

CN=(주)이비즈네트웍스, O=(주)이비즈네트웍스, L=Gangnam-gu, S=Seoul, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

3B74D9377884648259B4BD65FA2A021F

File PE Metadata

Compilation timestamp:

12/6/2009 7:50:41 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.9774

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

Remove ancamcorder_setup_naver_3.0.1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.