anydvdtray.exe

AnyDVD

SlySoft Inc.

This file is installed with the program AnyDVD.
Publisher:
SlySoft, Inc.  (signed by SlySoft Inc.)

Product:
AnyDVD

Description:
AnyDVD Application

Version:
6.3.1.5

MD5:
6ab2a8d296285ac375d3b78aa84f99d3

SHA-1:
b68e023a9bf097ff612ebd621043366343b575ee

SHA-256:
6f13fdcd04d6b98c59a002424111862a3cc71e2968df87a5dcb0bdb9dc5d441e

Scanner detections:
6 / 68

Status:
Clean  (6 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/18/2024 5:43:35 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.W32.Lebag
2.1.4+

F-Prot
W32/Heuristic-THX
v6.4.4.4.56

Kaspersky
Trojan-Downloader.Win32.Hmir
14.0.0.806

Prevx
Medium Risk Malware
3.0

Sophos
Mal/FakeAV-BQ
4.93

Vba32 AntiVirus
suspected of Win32.BrokenEmbeddedSignature
3.12.10.5

File size:
1.6 MB (1,682,368 bytes)

Product version:
6.3.1.5

Copyright:
Copyright 2002 - 2008 SlySoft, Inc.

Trademarks:
AnyDVD and SlySoft are trademarks of SlySoft, Inc.

Original file name:
AnyDVD.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
11/30/2007 7:03:07 PM

Valid to:
11/30/2010 7:03:07 PM

Subject:
E=admin@slysoft.com, CN=SlySoft Inc., O=SlySoft Inc., C=AG

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000011690704DC6

File PE Metadata
Compilation timestamp:
2/6/2008 5:03:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
24576:I5clurktUvH7MBLN84+9zN149D+0hMwqEmiYT7J/1aTz3e1UXqPUhJQ51fU:D2gBLG4VThMmYTHaTLe1IICQDfU

Entry address:
0xE0141

Entry point:
6A, 60, 68, 88, B6, 52, 00, E8, 23, 2F, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 07, 02, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, FC, 60, 52, 00, 8B, 4E, 10, 89, 0D, 50, 7F, 57, 00, 8B, 46, 04, A3, 5C, 7F, 57, 00, 8B, 56, 08, 89, 15, 60, 7F, 57, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 54, 7F, 57, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 54, 7F, 57, 00, C1, E0, 08, 03, C2, A3, 58, 7F, 57, 00, 33, F6, 56, 8B, 3D, F8, 60, 52, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Entropy:
6.7245

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
1.1 MB (1,200,128 bytes)

The file anydvdtray.exe has been discovered within the following program.

AnyDVD  by SlySoft Inc.
Publisher's description - “AnyDVD works in the background to automatically and transparently enable read access of the contents of a movie DVD as soon as it's inserted into the drive.”
www.slysoft.com/en/anydvd.html
9% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to nl.redfox.bz  (93.190.142.127:80)

Scan anydvdtray.exe - Powered by Reason Core Security