home

cool record edit pro 8.exe

Microsoft Visual Studio 2012 Product Keys

Media Labs Ltd

The application cool record edit pro 8.exe by Media Labs has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from fileupstream.com.
Publisher:
Media Labs Ltd  (signed and verified)

Product:
Microsoft Visual Studio 2012 Product Keys

Version:
1.0.0.0

MD5:
7052fbbe2df6bf2554cf64faeb5c0880

SHA-1:
abe4cf17272e72ed2ffb3469b0baa124505f2bc1

SHA-256:
9eceaeb5913a08c75015d7a7c1aa0dabe729d2840d2db21927aaa88ddc1d64fd

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
1/9/2025 1:13:21 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Media Labs (M)
16.10.20.14

File size:
1.3 MB (1,312,760 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
Microsoft Visual Studio 2012 Product Keys.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Media Labs Ltd

Authority:
COMODO CA Limited

Valid from:
6/16/2014 5:00:00 AM

Valid to:
6/17/2015 4:59:59 AM

Subject:
CN=Media Labs Ltd, O=Media Labs Ltd, STREET="Electrolitnii pr., 1-3", L=Moscow, S=Moscow, PostalCode=115230, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00BF0CB86A53F57982126C226D9F51F58F

File PE Metadata
Compilation timestamp:
9/10/2014 3:51:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:sbyOd1mBlZPRZCTX0oJ6YFUQoJJOyq0BYtach8mSA:s+O0ZPnCD56YF+J4h0BYtLhAA

Entry address:
0x13A266

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.2 MB (1,278,976 bytes)

The file cool record edit pro 8.exe has been seen being distributed by the following URL.

http://fileupstream.com/.../?wmid=wbsm_8963_sftport&url=aHR0cDovL3NvZnRyZWUucnUvZG93bmxvYWQvZmlsZXNfaXRvZy8xL0Nvb2wgUmVjb3JkIEVkaXQgUHJvIDguemlw&fname=Cool Record Edit Pro 8.exe

Remove cool record edit pro 8.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.