» freeyoutubedownload.exe
Overview
Analysis
File Details
Downloads (5)

freeyoutubedownload.exe

Free YouTube Download 3.2.51.1215

DVDVideoSoft Ltd.

The application freeyoutubedownload.exe, “Free YouTube Download 3.2.51.1215 Setup ” by DVDVideoSoft has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars. The file has been seen being downloaded from r2.computerbild.de and multiple other hosts.

File name:

Publisher:

DVDVideoSoft Ltd. (signed by DVDVideoSoft Ltd.)

Product:

Free YouTube Download 3.2.51.1215

Description:

Free YouTube Download 3.2.51.1215 Setup

Version:

3.2.51.1215

MD5:

b6b9191bcbc2b1e635a66f1faa253dd2

SHA-1:

a2f84aa1a8397f9128824c462015f75d4bd9b4cf

SHA-256:

cb040c30ec723c1c6c6f1305051ed936bb476ecf61cc47fd75396a41404356d0

Scanner detections:

2 / 68

Status:

Potentially unwanted

Explanation:

Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:

11/26/2024 10:11:48 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/OpenCandy (variant)

8.10901

Reason Heuristics

PUP.OpenCandy.Installer (L)

16.12.2.10

File size:

31.5 MB (33,024,504 bytes)

Product version:

3.2.51.1215

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\freeyoutubedownload.exe

Digital Signature

Signed by:

DVDVideoSoft Ltd.

Authority:

GlobalSign nv-sa

Valid from:

4/24/2013 5:43:53 PM

Valid to:

4/24/2016 5:43:53 PM

Subject:

E=question@dvdvideosoft.com, CN=DVDVideoSoft Ltd., O=DVDVideoSoft Ltd., S=Dominica, C=DM

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11212661F5B10172D0E730C0D1F1213115FF

File PE Metadata

Compilation timestamp:

10/13/2013 11:19:32 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

786432:wLFx8XJ1b2HCriEYyDX8+NTewu/vkZ7oXHvqO5Nu07jGJa:G8X+siEYyjrskZOHvz5X7Sk

Entry address:

0x113BC

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

63.5 KB (65,024 bytes)

The file freeyoutubedownload.exe has been seen being distributed by the following 5 URLs.

http://r2.computerbild.de/exec/r2r.pl?m=w-cobi;u=http://d.computerbild.de/downloads/.../FreeYouTubeDownload.exe

http://d.baixakifiles2.com/?ic_user_id=9289&data=tmzTYpTVxRXJ/zxFtR gRtqGXL1fVEAsC/dIwk108r5c SZRAPyYfePAOjIGjEnqeNDNOZkYqc7aWXdBjT NIZssvm/FsP5XgB0ZwTfm83FV/ZdF KMjNmObFBMP5R/NQFKrlmsx5Ph6Nfh brazMiV5/APBfnX0dFZjwcUk1YCOxJa0S1kX1vU 9N4N9GY/qPElckj6vfydZkA/pedGvmqfR ogAqpEBAsoSs/hJ5UE6qsEW500gTBnYn6veT8GzmaYs4pQDeaxxuCgaW0zGgKY9WEl8P7J2sSKfWeEv95btSkZq6nw5gLm4syHPHRFG n4hs3uzBVx VxnxkUdnKfRZ/fSbJSHVYENvkpv0d8hYdZSnfnmPnnVT3q4uMaOkReIpOgfw6ENmrPXPy3OLX11xRw29rFmuAJm3CR5dfaREqils JteEdT5di9mv5axEDg9c2dJtRuBQ0H8zA/gFHjduv4VNejH7ZfM0oa8Go518iP0wT1kwEE7euI7V9fh9fYJu6fl/TPrxYqBMJJom1599Mqg80jmZSL085XH6EApixaA Z GU 5Lz3R2bwE2K/9awUXsbm9nov7s61I/gJlKKcwHlSHoYIJBEGNmIzluSnKjWPCnYMPJBOguEGIXKWzUaP4CwYBIh1mvBGLNrL5Y7x9Ho4j4zUGINDS8LLqjTZuaFeudN4wSdNEiecXFPrPd6lj9u8QWU2z3tgSfYUhhPmIXmMK3A2DU8ya8h56mDrCoVncoyRiqM9dPeRI0wwkG5vDmAgFhY fjuFrkMrVVXbneGUbOdTQhgfBQNB1j5Pm16Dxr6qjA==&key=SZh9RiWNPOH7ytkGRqob3gb/.../pAYtWsHDZu672e9Vfb55bsQZSWicmBYjXl0sJqy0vcUc0wUkcWV EfCWVmbj4egcGw7h537qAgDB87WWzDC

http://www.afterdawn.com/software/general/.../free_youtube_download?mirror_id=0&version_id=92826&software_id=2372

http://e.ccm2.net/www.commentcamarche.net/download/.../FreeYouTubeDownload-3.2.51.1215.exe

http://downloads.dvdvideosoft.com/FreeYouTubeDownload.exe

Remove freeyoutubedownload.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.