» facebookvideocallsetup_v1.2.203.0.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (6)
Downloads (39)

facebookvideocallsetup_v1.2.203.0.exe

Setup

Facebook, Inc.

This is a setup and installation application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from www.lo4d.com and multiple other hosts.

File name:

Publisher:

Facebook Inc. (signed by Facebook, Inc.)

Product:

Setup

Version:

1.2.203.0

MD5:

16c2691574b1c5789ed4d6729921a320

SHA-1:

1aa8e9d412382285b3ed60b79e7380f937c0289d

SHA-256:

ff5cce402a25942808a02eb086a6cdf28cf1817cd965940c9bc50c99da1e890a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/5/2024 11:47:54 AM UTC (today)

File size:

482 KB (493,520 bytes)

Product version:

1.2.203.0

Original file name:

Setup

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\facebookvideocallsetup_v1.2.203.0.exe

Digital Signature

Signed by:

Facebook, Inc.

Authority:

VeriSign, Inc.

Valid from:

7/21/2009 5:00:00 PM

Valid to:

7/21/2012 4:59:59 PM

Subject:

CN="Facebook, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Facebook, Inc.", L=Palo Alto, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

195EF72FAD5B09219ECB160A77DD2395

File PE Metadata

Compilation timestamp:

7/13/2011 6:36:32 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:3M+HFwtnysCJIlRfgfjCJLl4XfU85SNALN+1a:ZlwtnnCJI824X88EALNqa

Entry address:

0x1000

Entry point:

55, 8B, EC, 83, EC, 44, 53, 56, 57, FF, 15, 04, 50, 40, 00, 8B, F0, 8A, 06, 6A, 20, 5B, 3C, 22, 74, 0F, 3A, C3, 76, 1D, 46, 38, 1E, 77, FB, EB, 16, 3C, 22, 74, 11, 46, 8A, 06, 84, C0, 75, F5, 3C, 22, 75, 07, EB, 04, 3A, C3, 77, 07, 46, 8A, 06, 84, C0, 75, F5, 83, 65, E8, 00, 8D, 45, BC, 50, FF, 15, 08, 50, 40, 00, 68, 80, 00, 00, 00, 6A, 08, 89, 1D, D4, 61, 40, 00, FF, 15, 18, 50, 40, 00, 50, FF, 15, 14, 50, 40, 00, A3, D0, 61, 40, 00, B8, 00, 60, 40, 00, BF, 14, 60, 40, 00, 8B, D8, 3B, C7, 73, 0F, 8B, 03... 
[+]

Entropy:

7.9242

Developed / compiled with:

Microsoft Visual C++

Code size:

13.5 KB (13,824 bytes)

Scheduled Task

Task name:

{2BB020F3-519E-473C-B80D-3B3D0D30BC16}

Trigger:

Registration (Runs on registration)

The file facebookvideocallsetup_v1.2.203.0.exe has been discovered within the following programs.

µTorrent by BitTorrent Inc.

µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version.

www.utorrent.com

12% remove it

Adobe Photoshop CS by Adobe Systems Incorporated

Photoshop CS increased user control with a reworked file browser augmenting search versatility, sorting and sharing capabilities and the Histogram Palette which monitors changes in the image as they are made to the document.

www.adobe.com/photoshop

9% remove it

Air Assault by Media Contact LLC

is a casual video games distributed through the GameTop.com download portal. The trial verison of the game in some cases drops an icon on the user's desktop 'Online Free Games' which links to a partner portal such as onlinefreegames.com.

www.GameTop.com

6% remove it

BECTA Home Access Activation Tool by Texthelp Systems

About 9% of users remove it

Opera 12.17 by Opera Software ASA

www.opera.com

10% remove it

TypingMaster 2002

Publisher's description - “TypingMaster 2002 typing tutor for Windows is a comfortable way to learnthe efficient touch-typing (ten-finger) system. After practicing with this Windows tutor, you will be typing faster, with greater accuracy, and performing tasks on your computer much more quickly and easily.”

3% remove it

The file facebookvideocallsetup_v1.2.203.0.exe has been seen being distributed by the following 39 URLs.

http://www.lo4d.com/get-file/facebook-video-calling/.../

http://download.findmysoft.com/2014/06/.../Facebook-Video-Calling_2.0.exe

http://www.lo4d.com/get-file/facebook-video-calling/.../

http://panse.wapka.mobi/.../Facebook Video Call Setup_v1.2.203.0.exe

http://www.lo4d.com/get-file/facebook-video-calling/.../

http://lon-01.lo4d.com/files/.../FacebookVideoCallSetup_v1.2.203.0.exe

https://c113.pcloud.com/.../FacebookVideoCallSetup_v1.2.203.0 Uploaded by Ashin Nandisara Natmauk.exe

http://www.lo4d.com/get-file/facebook-video-calling/.../

http://m.ak.fbcdn.net/dragon.ak/cfs-ak-ash4/85001/.../FacebookVideoCallSetup_v1.2.203.0.exe

http://www.lo4d.com/get-file/facebook-video-calling/.../

Latest 30 of 39 download URLs

Scan facebookvideocallsetup_v1.2.203.0.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.