cg_xvid_codecs_setup.exe

Premium Installer

The application cg_xvid_codecs_setup.exe, “Premium Installer”, has been detected as a potentially unwanted program by 54 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from download.cgxvid.com.
Publisher:
Premium Installer

Product:
Premium Installer

Description:
Premium Installer

Version:
1.3.7.2

MD5:
da29743e4cfeca69839ede3980ad9468

SHA-1:
09b738e61fb072184751c37b17a02348217b8dfd

SHA-256:
97f054b1c67d0e336cdff3a5ab94f7e9db8424104e405c2f923dab774523748c

Scanner detections:
54 / 68

Status:
Potentially unwanted

Description:
This is also known as bundleware or downloadware: a downloader designed simply to deliver ad-supported offers during the setup routine of otherwise legitimate software.

Analysis date:
1/14/2025 9:44:36 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Application.Generic.605915 | 940
Avira AntiVirus | Adware/iBryte.qoemnf | 7.11.158.148
AVG | Skodna.Generic | 2015.0.3418
Baidu Antivirus | Adware.Win32.iBryte | 4.0.3.1479
Bitdefender | Application.Generic.605915 | 1.0.20.950
Clam AntiVirus | Win.Adware.Agent-6794 | 0.98/21411
Comodo Security | Application.Win32.IBryte.S | 18765
Dr.Web | Adware.Downware.2216 | 9.0.1.0190
ESET NOD32 | Win32/AdWare.iBryte (variant) | 8.10048
Fortinet FortiGate | Riskware/IBryte | 7/9/2014
F-Prot | W32/A-e648ab1d | v6.4.7.1.166
F-Secure | Application.Generic.605915 | 11.2014-09-07_4
G Data | Application.Generic.605915 | 14.7.24
IKARUS anti.virus | not-a-virus:Downloader.Win32.Agent | t3scan.1.6.1.0
K7 AntiVirus | Adware | 13.180.12626
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3587
Malwarebytes | PUP.Optional.iBryte | v2014.07.09.12
McAfee | RDN/Generic PUP.x!bwl | 5600.7074
MicroWorld eScan | Application.Generic.605915 | 15.0.0.570
NANO AntiVirus | Trojan.Win32.Downware.culecy | 0.28.0.60577
Panda Antivirus | Trj/Genetic.gen | 14.07.09.12
Qihoo 360 Security | Win32/Trojan.e6d | 1.0.0.1015
Reason Heuristics | Threat.Win.Reputation.IMP | 14.7.9.12
Rising Antivirus | PE:Malware.iBryte!6.14B5 | 23.00.65.14707
Trend Micro House Call | TROJ_GEN.R0CBC0OCU14 | 7.2.190
Trend Micro | TROJ_GEN.R0CBC0OCU14 | 10.465.09
Vba32 AntiVirus | Downloader.Agent.bkfx | 3.12.26.3
VIPRE Antivirus | Trojan.Win32.Generic | 30968
Zillya! Antivirus | Downloader.Agent.Win32.184975 | 2.0.0.1845

File size:
213.5 KB (218,624 bytes)

Product version:
1.3.7.2

Copyright:
Copyright (C) 2013 Premium Installer

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\users\{user}\downloads\cg_xvid_codecs_setup.exe

File PE Metadata
Compilation timestamp:
3/10/2014 2:49:03 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:ZIJL2I71XBKC55pJiut3+6DsJXMBntyX8rYK8A5a/pj1:GJp7blS1inMXxT/pj1

Entry address:
0xDAAB

Entry point:
E8, BC, 47, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, A4, 82, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 5C, 80, 42, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63...
 

Code size:
154 KB (157,696 bytes)

The file cg_xvid_codecs_setup.exe has been seen being distributed by the following URL.
