FreeTVDownloader.exe

Free TV Downloader

Install Lab ltd.

The application FreeTVDownloader.exe by Install Lab ltd has been detected as adware by 4 anti-malware scanners. This is a setup program which is used to install the application. The setup installer will bundle multiple adware offers during download and setup (based on the user's geographical location) including toolbars, extensions and coupon utilities. The file has been seen being downloaded from cmpsmarter-downloader.maynemyltf.netdna-cdn.com.
Publisher:
Cool Mirage  (signed by Install Lab ltd.)

Product:
Free TV Downloader

Version:
1.9.0.9

MD5:
7422a67f7a3c4044cc489350aa8832c4

SHA-1:
144dd1e91c6896be61f80891171890d17ffdf0df

SHA-256:
353da86ed22c14ff8e739ebb8ae25b14561933356d2a2d2e0ca13e6fb8276b8c

Scanner detections:
4 / 68

Status:
Adware

Explanation:
Bundles a number of adware programs in the installer.

Analysis date:
11/27/2024 3:41:34 AM UTC  (today)

Scan engine
Detection
Engine version

herdProtect (fuzzy)
2014.8.30.12

Panda Antivirus
PUP/MultiToolbar.A
14.08.30.08

Reason Heuristics
PUP.InstallLabltd.Q
14.8.7.23

VIPRE Antivirus
CoolMirage Ltd
27408

File size:
2.6 MB (2,702,328 bytes)

Product version:
1.9.0.9

Copyright:
Copyright © Cool Mirage 2013

Original file name:
FreeTVDownloader.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\1clickmoviedownloader.com\freetvdownloader.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
10/13/2013 7:00:00 AM

Valid to:
10/14/2014 6:59:59 AM

Subject:
CN=Install Lab ltd., O=Install Lab ltd., L=Tel Aviv, S=Tel Aviv, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
408CEA01026979279F7844366EFF6D80

File PE Metadata
Compilation timestamp:
3/6/2014 4:04:08 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:sKUev9gzgMzAtwi2NlRp3j2J3pK761Y8SerMTRz3P9J+biO3+ukUIbaHvrr/AHZX:3Uev9gzjEtwi2yJ5p17MTZeZkzMreXka

Entry address:
0x28FE9E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9329

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.6 MB (2,678,784 bytes)

The file FreeTVDownloader.exe has been seen being distributed by the following URL.

Remove FreeTVDownloader.exe - Powered by Reason Core Security