light_image_resizer4_setup_41.31.21.2_linkular1.exe

Light Image Resizer ( ex VSO )

ObviousIdea

The application light_image_resizer4_setup_41.31.21.2_linkular1.exe, “Light Image Resizer 4 Setup ” by ObviousIdea has been detected as a potentially unwanted program by 4 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. This file is typically installed with the program Free PNG To JPG Converter by Free Picture Solutions. The file has been seen being downloaded from od.ccm2.net and multiple other hosts.
Publisher:
ObviousIdea   (signed by ObviousIdea)

Product:
Light Image Resizer ( ex VSO )

Description:
Light Image Resizer 4 Setup

MD5:
673636c7548a5da6dbf3ea5f234132ea

SHA-1:
292dd12a8927cacab46b56e415c1633f37268709

SHA-256:
cf76280e302f12713117f83dacfe85b625286b90c675af1833be1dc4482f71fc

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 1:11:20 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Adware.Linkular.AC
8.9639

Reason Heuristics
Adware.Linkular (M)
16.11.17.9

Rising Antivirus
PE:Trojan.Win32.Generic.1358F1CD!324596173
23.00.65.14424

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.0

File size:
8.4 MB (8,837,488 bytes)

Product version:
4.3.2.2

Copyright:
© 2011-2012 ObviousIdea

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\light_image_resizer4_setup_41.31.21.2_linkular1.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
1/7/2012 1:00:00 AM

Valid to:
2/15/2013 12:59:59 AM

Subject:
CN=ObviousIdea, O=ObviousIdea, L=Castanet Tolosan, S=Haute Garonne, C=FR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
414A82ADDBC392BD1D2F1D70CB1F3376

File PE Metadata
Compilation timestamp:
3/17/2011 11:22:54 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:jGROc3VDXp2PBBFWbItM/aiHgi3cGSKuuIM1BK0W8mCEcW8aHsH9Gro:jR+IZrWbIq/DAPlKuuPBKP8mC7l

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 
[+]

Entropy:
7.9974

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file light_image_resizer4_setup_41.31.21.2_linkular1.exe has been discovered within the following program.

Free PNG To JPG Converter  by Free Picture Solutions
54% remove it
 
Powered by Should I Remove It?

The file light_image_resizer4_setup_41.31.21.2_linkular1.exe has been seen being distributed by the following 3 URLs.