freedvd2iso.exe

Rspark LLC

Part of the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application freedvd2iso.exe by Rspark has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Free DVD to ISO Converter by Media Freeware which is a potentially unwanted software program.
Publisher:
Rspark LLC  (signed and verified)

MD5:
21bd5fb593fc6a6c5fa9ad064463d81e

SHA-1:
f6c1943d546732ab83202f9a41d909fc85a295ce

SHA-256:
d773d8f9321af124cc5f89992bc359b748b5df0a4d87e222c4409462ad4f83e7

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 12:46:40 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Rspark.L
14.4.8.15

File size:
301.8 KB (309,032 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\freedvd2iso\freedvd2iso.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
11/24/2013 4:00:00 PM

Valid to:
1/26/2015 4:00:00 AM

Subject:
CN=Rspark LLC, O=Rspark LLC, L=Seattle, S=Washington, C=US

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0969FC9F3451C04483AE5CCEADE9FC13

File PE Metadata
Compilation timestamp:
1/2/2014 2:50:30 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:Gv9RtqTD1L9iL+n8nFKhO3d+qAZ6DWXeyX7+gXMFosX9IYYCYYVY5gYUYt+9YF6Z:p9iL+nksgS6nyLaO3BVVReoPa7Tv

Entry address:
0x6AFA

Entry point:
E8, CD, 25, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 38, 83, 41, 00, 89, 0D, 34, 83, 41, 00, 89, 15, 30, 83, 41, 00, 89, 1D, 2C, 83, 41, 00, 89, 35, 28, 83, 41, 00, 89, 3D, 24, 83, 41, 00, 66, 8C, 15, 50, 83, 41, 00, 66, 8C, 0D, 44, 83, 41, 00, 66, 8C, 1D, 20, 83, 41, 00, 66, 8C, 05, 1C, 83, 41, 00, 66, 8C, 25, 18, 83, 41, 00, 66, 8C, 2D, 14, 83, 41, 00, 9C, 8F, 05, 48, 83, 41, 00, 8B, 45, 00, A3, 3C, 83, 41, 00, 8B, 45, 04, A3, 40, 83, 41, 00, 8D, 45, 08, A3, 4C, 83, 41...
 
[+]

Entropy:
6.4169

Code size:
70 KB (71,680 bytes)

The file freedvd2iso.exe has been discovered within the following program.

Free DVD to ISO Converter  by Media Freeware
The installer uses the OutBorwse download manager to bundle additional adware during install including Conduit Search Protect, Yontoo PlurPush, SysTweak and other toolbars and potentially unwanted software utilities.
www.mediafreeware.com
67% remove it
 
Powered by Should I Remove It?

Remove freedvd2iso.exe - Powered by Reason Core Security