fytd_setup_2.exe

Free YouTube Downloader

Bonjoy (Verified Application Company)

The application fytd_setup_2.exe, “Free YouTube Downloader Setup Program” by Bonjoy (Verified Application Company), has been detected as a potentially unwanted program by 7 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars. While running, it connects to the Internet address cache.google.com on port 80 using the HTTP protocol.
Publisher:
How, Inc  (signed by Bonjoy (Verified Application Company))

Product:
Free YouTube Downloader

Description:
Free YouTube Downloader Setup Program

Version:
4.0

MD5:
7626d78da47f1302ceeca74a92aa4b59

SHA-1:
922c6cea320ed1dbb58f66ff4bd47cc170c17ca8

SHA-256:
3339b1e5f370f9b59fd12102fd94fe8f2dfd7e9a09cfdc7fff0bb7c04dec77f7

Scanner detections:
7 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
11/23/2024 9:38:42 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| Avira AntiVirus | PUA/OpenCandy.Gen | 8.3.2.4 |
| Dr.Web | Adware.OpenCandy.194 | 9.0.1.05190 |
| ESET NOD32 | Win32/OpenCandy.A potentially unsafe application | 7.0.302.0 |
| McAfee | Artemis!7626D78DA47F | 5600.6530 |
| Reason Heuristics | PUP.OpenCandy.Installer (L) | 16.1.4.23 |
| SUPERAntiSpyware | PUP.OpenCandy/Variant | 9405 |

File size:
1.1 MB (1,180,712 bytes)

Product version:
4.0

Copyright:
How Inc.

Original file name:
Free YouTube DownloaderSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\fytd_setup_2.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
12/11/2015 7:00:00 PM

Valid to:
12/11/2016 6:59:59 PM

Subject:
CN=Bonjoy (Verified Application Company), O=Bonjoy (Verified Application Company), STREET="510 Market St #301", L=San Diego, S=CA, PostalCode=92101, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0CBA100EB8A303781BAFC3DFA145B230

File PE Metadata
Compilation timestamp:
8/19/2015 1:26:10 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:8Hv7bHHBS8gWBIIVTwNP3i047W7oGm8OThcaJr:cfrgWCeTwNKxvGQNN

Entry address:
0x575E4

Entry point:
E8, 75, 98, 00, 00, E9, 79, FE, FF, FF, CC, CC, 68, C0, 71, 45, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, B8, A2, 49, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 6A, 0C, 68, 10, 1A, 49, 00, E8, 9B, FF, FF, FF, 6A, 0E, E8, BC, 22, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08...
 

Entropy:
7.2866

Code size:
500 KB (512,000 bytes)

The file fytd_setup_2.exe has been seen being distributed by the following 30 URLs.


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to cache.google.com  (208.117.231.151:80)
