» fytd_setup_2.exe
Overview
Analysis
File Details
Downloads (56)
Network (4)

fytd_setup_2.exe

Free YouTube Downloader

Bonjoy Software

The application fytd_setup_2.exe, “Free YouTube Downloader Setup Program” by Bonjoy Software has been detected as adware by 6 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars. While running, it connects to the Internet address cache.google.com on port 80 using the HTTP protocol.

File name:

fytd_setup_2.exe

Publisher:

How, Inc (signed by Bonjoy Software)

Product:

Free YouTube Downloader

Description:

Free YouTube Downloader Setup Program

Version:

4.0

MD5:

185a935d6e4a26863844de1facdadbb0

SHA-1:

662e5d32d00fce78e41b7b57e6e512532d1f8e01

SHA-256:

2f7f78d8d03c3fe68af7f9de518fc10a5ab4f8494f703df581a8549abc9d0b08

Scanner detections:

6 / 68

Status:

Adware

Explanation:

Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:

11/23/2024 8:24:25 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.OpenCandy

4.0.3.15812

Bkav FE

W32.HfsAdware

1.3.0.7062

Dr.Web

Adware.OpenCandy.171

9.0.1.0224

ESET NOD32

Win32/OpenCandy.E potentially unsafe (variant)

9.12081

Reason Heuristics

PUP.BonjoySoftware.Installer (M)

15.8.12.15

VIPRE Antivirus

Opencandy

42808

File size:

1.1 MB (1,180,672 bytes)

Product version:

4.0

How Inc.

Original file name:

Free YouTube DownloaderSetup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\fytd_setup_2.exe

Digital Signature

Signed by:

Bonjoy Software

Authority:

COMODO CA Limited

Valid from:

10/13/2014 1:00:00 AM

Valid to:

10/14/2015 12:59:59 AM

Subject:

CN=Bonjoy Software, O=Bonjoy Software, STREET="510 Market St #301", L=San Diego, S=CA, PostalCode=92101, C=US

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00DA993C13A7FD02A727397544A565C108

File PE Metadata

Compilation timestamp:

8/10/2015 5:32:02 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:9Hv7bHHBS8mWBIIVTwNfQK077soGm8O5VA/:9frmWCeTwNzs9GQ5k

Entry address:

0x575E4

Entry point:

E8, 75, 98, 00, 00, E9, 79, FE, FF, FF, CC, CC, 68, C0, 71, 45, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, B8, A2, 49, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 6A, 0C, 68, 10, 1A, 49, 00, E8, 9B, FF, FF, FF, 6A, 0E, E8, BC, 22, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08... 
[+]

Entropy:

7.2868

Code size:

500 KB (512,000 bytes)

The file fytd_setup_2.exe has been seen being distributed by the following 50 URLs.

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=ea21764b880917cad6de1a70&viewguid=YfYzDTKmo6VW-LX-3GwakNFZEPchAwIYCDxA&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=fb80a0a57153a984de829f5b&viewguid=ZryUckvALQZ2W4RC8fpRaQD7l4-XVkdtT8hy&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=7669620ea8182fd44a66a6b7&viewguid=YzTOMQWwx7arvgTNIWUvrGU0ECSa3ENT9T3x&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=8e8286cce46c40e2743f3dd9&viewguid=XT6fEjOZc2xbflH8IrG8ppv6HiOFmRIBj--w&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=70744b6cacbd2fd66643dcf8&viewguid=XsUKIFmgmTZzw31St4qR5D4d-HBta84-JrNk&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=f2a362d790831472444009f4&viewguid=XoJ@oE27FPJ0NaWdyX0FFFiWfCrfvy4TvlX-&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=c00c32a099f6b8da594f5226&viewguid=XLs1wmfXSF9qplbj9B4VcprWtK19DJZurzDA&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=df474fa2d31edf052a824149&viewguid=Zchtg1akXz2jbrXvZTNtnRJ0NRW5FZrbgs7m&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=ae5b16afdf5093e73e2aeaec&viewguid=Zh9EJJIe@NuKVqzdGKYBbGwY4AdDYx4ffttA&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=2ad84e51fbad26b6615578ee&viewguid=Y0OOVha1hxFRiQkpWWZLivD7Epg412637Wsz&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=1ad2ee24cd15413107d4b599&viewguid=YvCVafImEkgQGnaubOXlBdy46WKTRSVH6t@0&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=a8458b1cf89f99ebd226d29d&viewguid=ZIntxDKg7Dok00rW8AdDywf5SsuDAb9U7jZ7&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=de67930b50f60f81831c329d&viewguid=ZS86Hz44pSbRK-TjoxbtxSZUgCrC9bYgHMNP&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=ff9a35aa5b47c8e678ad1ef7&viewguid=YfbRCzgQ@mBpwuFZZ2hPEQiONYpft-ykcheH&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=897ef784bc46c633c8e14eae&viewguid=Zk5d4qqaDV5T9bkMZPoS5u7f4bSZ-HqhI9mx&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=7be0f2fcf332739bf877d2d3&viewguid=Zmydx3y7uiMKiZIE3D@M31C2jKceQJG6vkez&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=401f89ffe11ca7095a6c6355&viewguid=X14a-N5ctuCVK4rY8JrKRrEDYgidw8jLy67s&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

temp:FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=2e82732a7ca6a273d06ec671&viewguid=YBaMW1SlUGagMil0e4NHCu8neyd1fm58ssQa&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=2bd1fa487cafc05456eb6f42&viewguid=Zm0UiZ1e8ui@QoLUmfTypsZHZQCNeGO@DDAk&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=2d2a1454a8b46aaed52bae75&viewguid=ZT49R3yCD@dEw43Pt9fMhcA-v6JbRuecKai6&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=fc40bf030a71ca2cc01c0873&viewguid=YhCXLJ1f7sYOZY6suT7vWaicrfxA16773O8y&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=9da5089ce703d44d76aaae5a&viewguid=ZBq71DlSr-wmlE6WUUY2TuQlUHQcU0ZqueuA&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=678205a095f03edc7a9f36f3&viewguid=X6jrQpKYdBTMjhWVHEuaGTUTXmH2KtGWYGui&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=e09a53a1da75e31cb05d62f6&viewguid=XMDYVXWvgdVVcybaMPlhfjFNxp0LbMSDoCyu&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=c2e544b1ed63283b9477af72&viewguid=Y2WX4XZWGA6nFZ61@Ne2lEmFUxRzE6ek2Mus&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=da7050f7e9a2c540c4abe393&viewguid=XjLwG4riFVKwsELrMclWtCqjBYPTJvvDSgw7&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=b10e6577a46235b823a87fa7&viewguid=YxM4a6f0L03nDxW1XBvnkTdVLwuU7EXp3CCk&destUrl=http://files.downloadnow.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=35918c01cb2cd855bec97fef&viewguid=Yu5Neuu6c37GMD-5ZgYXCVHWKPjwU6HhUeob&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

&onid=2071&oid=3001-2071_4-75219434&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14447956&mfgid=10099047&merid=10099047&ctype=dm&cval=NONE&devicetype=desktop&pguid=023e9f499e8e4f9b5c70ef29&viewguid=XLt5JCKAFnOR-JZcHhlbLZ4yoOTNgM7RPRaC&destUrl=http://software-files-a.cnet.com/s/software/14/44/79/.../FYTD_Setup_2.exe

Latest 30 of 56 download URLs

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to cache.google.com (41.160.35.187:80)

TCP (HTTP):

Connects to mil04s26-in-f110.1e100.net (216.58.205.110:80)

TCP (HTTP):

Connects to 41.254.37.44.static.ltt.ly (41.254.37.44:80)

Remove fytd_setup_2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.