dvdfab9125.exe

DVDFab 9

Fengtao Software Inc.

This is a setup and installation application. The file has been seen being downloaded from 198.50.118.130 and multiple other hosts.
Publisher:
Fengtao Software Inc.   (signed by Fengtao Software Inc.)

Product:
DVDFab 9

Description:
DVDFab 9 Setup

MD5:
54ce564abc00dd77bdd607f69021514b

SHA-1:
e6add52dc8d3cdf243530ec25cdf15e2d4d5ebcb

SHA-256:
27a23315fb7bc204ae73f4ccf1c6a90899fccdf553c37d70def5c85ebfc7c7ba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 7:25:19 AM UTC

File size:
44.3 MB (46,434,960 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\dvdfab9125.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
7/31/2012 6:20:36 AM

Valid to:
8/1/2015 6:20:36 AM

Subject:
CN=Fengtao Software Inc., O=Fengtao Software Inc., L=Beijing, S=Beijing, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11216DD6CF9EDC284A1D55A2581FF851EA00

File PE Metadata
Compilation timestamp:
1/30/2013 4:21:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:BbCKsxHA1gsKR4uJWpuzOMd8/2DRcJjHAzYCGISktXmWx6p4cVKlg3c:BbshA1gRJW4R2JDAUCG+g7ywRc

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...

Entropy:
7.9993

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file dvdfab9125.exe has been discovered within the following program.

360Amigo is a registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search-based advertising and results. During installation the user is, in some cases, presented with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it

The file dvdfab9125.exe has been seen being distributed by the following 12 URLs.

