» bandicamcrack.exe
Overview
Analysis
File Details
Downloads (1)

bandicamcrack.exe

SOFT-MEDIA LTD

The application bandicamcrack.exe by SOFT-MEDIA has been detected as a potentially unwanted program by 10 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.bandicams.ru.

File name:

bandicamcrack.exe

Publisher:

SOFT-MEDIA LTD (signed and verified)

MD5:

a6cb54b2f802cc10700e8a4379b9e40a

SHA-1:

4ccc7a639afb5a5d1ff5fb3e386818047211fe3c

SHA-256:

505c49f7dc91d1c72ec9cc106ad52d81cc1d1669c2d582b515b9b5d36b2745ae

Scanner detections:

10 / 68

Status:

Potentially unwanted

Analysis date:

1/2/2025 6:23:23 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

ADWARE/Adware.Gen

7.11.185.104

avast!

Win32:Adware-gen [Adw]

141025-0

AVG

Could be an adware AdLoad

2014.0.4189

Comodo Security

Application.Win32.Agent.WEFX

20071

ESET NOD32

Win32/AdWare.Toolbar.Webalta.GZ (variant)

8.10720

Malwarebytes

PUP.Optional.Webalta

v2014.11.13.04

McAfee

PUP-FAX

5600.6947

NANO AntiVirus

Riskware.Win32.Toolbar.dibwhk

0.28.6.63362

Vba32 AntiVirus

Downware.iDatix.gen

3.12.26.3

VIPRE Antivirus

Threat.4150696

34232

File size:

1 MB (1,089,808 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\bandicamcrack.exe

Digital Signature

Signed by:

SOFT-MEDIA LTD

Authority:

COMODO CA Limited

Valid from:

10/8/2014 4:00:00 AM

Valid to:

10/9/2015 3:59:59 AM

Subject:

CN=SOFT-MEDIA LTD, O=SOFT-MEDIA LTD, STREET=142 ul.Sovetskaya, L=Irkutsk, S=Irkutskaya oblast, PostalCode=664009, C=RU

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

291991731BFA3E6452779010B97C2A41

File PE Metadata

Compilation timestamp:

6/20/1992 2:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:fjRdjI7HBx9QPkdAGZUg8PKJH5nk+FQo03okLDvda:fbuHxZH+B+rU3okLDv

Entry address:

0x76294

Entry point:

55, 8B, EC, 83, C4, F0, B8, 0C, 60, 47, 00, E8, C8, 05, F9, FF, A1, F4, 89, 47, 00, 8B, 00, E8, B8, 0C, FE, FF, 8B, 0D, F8, 89, 47, 00, A1, F4, 89, 47, 00, 8B, 00, 8B, 15, 64, C4, 46, 00, E8, B8, 0C, FE, FF, 8B, 0D, 20, 88, 47, 00, A1, F4, 89, 47, 00, 8B, 00, 8B, 15, C8, C2, 46, 00, E8, A0, 0C, FE, FF, 8B, 0D, 6C, 8A, 47, 00, A1, F4, 89, 47, 00, 8B, 00, 8B, 15, 30, 5E, 47, 00, E8, 88, 0C, FE, FF, A1, F4, 89, 47, 00, 8B, 00, E8, FC, 0C, FE, FF, E8, 53, E0, F8, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

469 KB (480,256 bytes)

The file bandicamcrack.exe has been seen being distributed by the following URL.

http://www.bandicams.ru/download.php?id=4

Remove bandicamcrack.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.