home

manycam.hp3248

ManyCam Virtual Webcam

ManyCam

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The file manycam.hp3248 by ManyCam has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
Visicom Media Inc.  (signed by ManyCam)

Product:
ManyCam Virtual Webcam

Version:
5.0.0.2

MD5:
da8286796a1ba92e2288fc4a083edc15

SHA-1:
fea9b96527328a107d5e913e837016aacfcafd77

SHA-256:
8e3108185aee15537c044fb4b4b92203db85b3b3cfea2280faf1660d84230efe

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
1/13/2025 5:51:51 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Visicom
17.3.12.2

File size:
953.2 KB (976,088 bytes)

Product version:
5.0.0.2

Copyright:
(c) 2006-2016 Visicom Media Inc.

Original file name:
youtubesource.dll

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\manycam.hp3248

Digital Signature
Signed by:
ManyCam

Authority:
VeriSign, Inc.

Valid from:
10/28/2014 5:00:00 PM

Valid to:
10/28/2016 4:59:59 PM

Subject:
CN=ManyCam, OU=ManyCam, O=ManyCam, L=Brossard, S=Quebec, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4951B59C41CC014CC60A41D270B7F03B

File PE Metadata
Compilation timestamp:
6/7/2016 12:11:19 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0xA3B77

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 7C, 0D, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 10, 68, 00, 25, 0D, 10, E8, AA, 0A, 00, 00, 33, C0, 40, 8B, F0, 89, 75, E4, 33, DB, 89, 5D, FC, 8B, 7D, 0C, 89, 3D, 70, 02, 0E, 10, 89, 45, FC, 85, FF, 75, 0C, 39, 3D, 80, 45, 0E, 10, 0F, 84, D4, 00, 00, 00, 3B, F8, 74, 05, 83, FF, 02, 75, 38, A1, 78, AA, 0C, 10, 85, C0, 74, 0E, FF, 75, 10, 57, FF, 75, 08, FF, D0, 8B, F0, 89, 75, E4, 85, F6, 0F, 84, B1, 00, 00, 00...
 
[+]

Entropy:
6.8109

Developed / compiled with:
Microsoft Visual C++

Code size:
656 KB (671,744 bytes)

Remove manycam.hp3248 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.