home

freeyoutubedownloader.exe

Vitzo LLC

The application freeyoutubedownloader.exe by Vitzo has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a setup program which is used to install the application. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
Vitzo LLC  (signed and verified)

MD5:
1ba0957e10faf06572e6a0d17de49976

SHA-1:
d1d405eed2b132572a314f1993361618c88f9dfa

SHA-256:
2685efa4a35186f3a235e00ceb52b5766950b0c5e12d29d8a87542d58cc56cb9

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/24/2024 4:35:43 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM41.1.Malware.Gen
1.0.0.1077

Reason Heuristics
PUP.Vitzo (M)
16.2.15.15

Rising Antivirus
PE:Adware.InstallCore!1.A30C [F]
23.00.65.151214

File size:
1.9 MB (1,984,712 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\freeyoutubedownloader.exe

Digital Signature
Signed by:
Vitzo LLC

Authority:
COMODO CA Limited

Valid from:
7/23/2015 5:00:00 PM

Valid to:
7/23/2016 4:59:59 PM

Subject:
CN=Vitzo LLC, O=Vitzo LLC, POBox=19958, STREET=16192 Coastal Highway, L=Lewes, S=Delaware, PostalCode=19958, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
16BE4F5267CE97A1E9C24A95928C524F

File PE Metadata
Compilation timestamp:
12/9/2015 6:25:03 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:MXscQG9ml23ot6ivwvJZKbyI+dvyNEHvN2Ux0UzW1G7:immotxMJZKWI6PB9aw

Entry address:
0x20D8B

Entry point:
E8, 33, 83, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, FF, 15, 1C, C1, 43, 00, 6A, 01, A3, AC, CD, 44, 00, E8, 80, 88, 00, 00, FF, 75, 08, E8, 15, 88, 00, 00, 83, 3D, AC, CD, 44, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 66, 88, 00, 00, 59, 68, 09, 04, 00, C0, E8, E3, 87, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 2E, 5C, 01, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 90, CB, 44, 00, 89, 0D, 8C, CB, 44, 00, 89, 15, 88, CB, 44, 00, 89, 1D, 84, CB, 44, 00, 89, 35, 80, CB, 44, 00, 89, 3D, 7C...
 
[+]

Entropy:
7.6977

Code size:
233 KB (238,592 bytes)

The file freeyoutubedownloader.exe has been seen being distributed by the following 8 URLs.

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14491277&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=3efc6b48a0a0b167ebf26fc0&viewguid=Z9@aDE48T1LrAq8rbePuSEzguCGSgI16v3Kl&destUrl=http://files.downloadnow.com/s/software/14/49/12/.../FreeYouTubeDownloader.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14491277&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=ff4cad925547b15946b10bf8&viewguid=Zzfag0@jjhi8zZzMPeNZCVg6qD4eXM19kJ3@&destUrl=http://files.downloadnow.com/s/software/14/49/12/.../FreeYouTubeDownloader.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14491277&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=d4081bc53496691160e2c0aa&viewguid=ZxptkohEUCczgHTNBdsZzBr-wsHFiD4hmsrE&destUrl=http://files.downloadnow.com/s/software/14/49/12/.../FreeYouTubeDownloader.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14491277&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=26268637c0dc31afbe1e98ca&viewguid=ZyzGdg6o1DXHSX1uSuXUw9BY5Lu5ZFAaZdO2&destUrl=http://files.downloadnow.com/s/software/14/49/12/.../FreeYouTubeDownloader.exe

https://doc-08-5c-docs.googleusercontent.com/docs/securesc/0dnr8mffkopauo15nv45ssm31g4u7ki2/rhce7orv16o5s176ohahncjs9758qkvu/1458921600000/.../13834386376302816591/0B_f8MVo3QLjSU1JyMFdGZnVISG8?e=download

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14491277&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=60e7f038cb2596e35f6d9de4&viewguid=aHbIOKmOXCU5UWGwMXUY8Fpb1hfWSeON9Dcv&destUrl=http://files.downloadnow.com/s/software/14/49/12/.../FreeYouTubeDownloader.exe

temp:FreeYouTubeDownloader.exe

http://files.downloadnow.com/s/software/14/49/12/.../FreeYouTubeDownloader.exe

Remove freeyoutubedownloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.