fraps.exe

FRAPS

Beepa Pty Ltd

This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Fraps’. This file is installed with multiple programs including Fraps. The file has been seen being downloaded from download1758.mediafire.com and multiple other hosts.
Publisher:
Beepa P/L  (signed by Beepa Pty Ltd)

Product:
FRAPS

Version:
3, 4, 7, 13808

MD5:
2970e9002994fad689a0b98c0d855b0e

SHA-1:
1b0d4b705b820b6ce31a7ea96abbf5aec69e97c4

SHA-256:
77c717559ed2b364facc7aa8ba88b17ec6d1eb8ffec1cd33dc12260614a309f2

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/17/2024 6:42:48 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.CDB
1.3.0.4613

File size:
2.4 MB (2,533,040 bytes)

Product version:
3, 4, 7, 13808

Copyright:
Copyright © Beepa P/L 2011

File type:
Executable application (Win32 EXE)

Language:
English (Australia)

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/15/2009 2:00:00 AM

Valid to:
8/30/2012 1:59:59 AM

Subject:
CN=Beepa Pty Ltd, OU=Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Beepa Pty Ltd, L=Melbourne, S=Victoria, C=AU

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
61BA7137F92180F6BC4CA2F8DDB339C8

File PE Metadata
Compilation timestamp:
10/22/2011 1:04:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:AneLqz2Ha0b3zAJu9k6twK8So+c+WUgPn8RUlXmrbmrBG5uY/Apyhl31lW:Anuqzd0b3zEu9B3RWvfGUlX4bm+/Apyu

Entry address:
0x829000

Entry point:
83, EC, 04, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, 60, 12, 00, 2D, A9, 88, 09, 10, 05, 9E, 88, 09, 10, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, E6, A8, 26, 3F, 68, 00, 28, AD, 2E, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 14, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, 9B, DF, 72, AA, 20, 3D, C6, 47, 13, 8C, B4, 65, E4, 46...
 
[+]

Entropy:
7.8416  (probably packed)

Code size:
426 KB (436,224 bytes)

Scheduled Task
Task name:
FRAPS

Trigger:
Logon (Runs on logon)

Description:
Starts Fraps at log on.


Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Fraps

Command:
C:\fraps\fraps.exe


The file fraps.exe has been discovered within the following programs.

Fraps  by Beepa Pty Ltd
Publisher's description - “Fraps is a universal Windows application that can be used with games using DirectX or OpenGL graphic technology. Show how many Frames Per Second (FPS) you are getting in a corner of your screen. Perform custom benchmarks and measure the frame rate between any two points.”
8% remove it
Prompt Downloader  by Bexley Holdings Limited
Prompt Downloader is free p2p client with no upload support (you will not involved in the content distribution).
www.promptdownloader.com
46% remove it
 
Powered by Should I Remove It?

The file fraps.exe has been seen being distributed by the following 4 URLs.

http://download1758.mediafire.com/bgk6q4vd2g2g/.../fraps.exe

Scan fraps.exe - Powered by Reason Core Security