home

manycamwebinstaller.exe

ManyCam virtual Webcam

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application manycamwebinstaller.exe, “ManyCam Virtual Webcam Web Installer” by Visicom Media has been detected as a potentially unwanted program by 0 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts. While running, it connects to the Internet address server-52-84-179-167.gru50.r.cloudfront.net on port 80 using the HTTP protocol.
Publisher:
Visicom Media Inc.  (signed and verified)

Product:
ManyCam virtual Webcam

Description:
ManyCam Virtual Webcam Web Installer

Version:
1.0.0.10

MD5:
e374b9308c73d295c1c5c2e8a5797d5d

SHA-1:
82ffc26ca51b0a02f98ec2269c338ddc6a515c4b

SHA-256:
bbda924c8f07b8e1aa1be1da6c205efd90ba1fd7b1d024c9c80624d02e690dbd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:32:55 AM UTC  (today)

File size:
248.1 KB (254,056 bytes)

Product version:
1.0.0.10

Copyright:
© 2006-2014 Visicom Media Inc.

Trademarks:
© 2006-2014 Visicom Media Inc, All Rights Reserved

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\manycamwebinstaller.exe

Digital Signature
Signed by:
Visicom Media Inc.

Authority:
Thawte, Inc.

Valid from:
5/8/2014 2:00:00 AM

Valid to:
6/21/2016 1:59:59 AM

Subject:
CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
266F9E30991B0C3EFC03DA9B8CDDB68D

File PE Metadata
Compilation timestamp:
5/16/2014 2:59:18 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:ZEWjQgXDVaDOm7BRhtOWt7TJvMm3636qy3Yf:eW5XDsDP7NRuPy34

Entry address:
0x397C

Entry point:
E8, 40, 34, 00, 00, E9, 7F, FE, FF, FF, E9, FF, 15, 00, 00, 3B, 0D, 30, 61, 42, 00, 75, 02, F3, C3, E9, 8A, 17, 00, 00, 55, 8B, EC, 56, 8B, F1, 8B, 4D, 08, C6, 46, 0C, 00, 85, C9, 75, 66, E8, 01, 2A, 00, 00, 8B, D0, 89, 56, 08, 8B, 4A, 6C, 89, 0E, 8B, 4A, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 34, 69, 42, 00, 74, 11, A1, F4, 69, 42, 00, 85, 42, 70, 75, 07, E8, D7, 3E, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, 38, 61, 42, 00, 74, 15, 8B, 4E, 08, A1, F4, 69, 42, 00, 85, 41, 70, 75, 08, E8, 3A, 42, 00, 00, 89, 46, 04, 8B...
 
[+]

Code size:
96.5 KB (98,816 bytes)

The file manycamwebinstaller.exe has been seen being distributed by the following 30 URLs.

http://lb.cdn.m6web.fr/d/c/a/09ee3f3fb9d264823330c6450e76387d/54c13968/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/17b7a82107d3d3fd065f445253eecfd2/54ce3aad/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/960666c2694d7025a2191f39d9749d22/5427118d/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/144982a40456410532c71d324637af56/550b1792/soft/.../manycam_4-0-109_fr_60026.exe

http://www.filehippo.com/download/file/.../

http://lb.cdn.m6web.fr/d/c/a/3595248a8a94e6f1f2852d149cd76382/5458def3/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/34184e8f77156cbae9d559ac3c3b36c7/53ff88b7/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/eb9b11da007e80cdd42190c111ec2ab6/550eb4cd/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/f8b2dfd00c2ced2391452efcd0dcb6c9/5470e80f/soft/.../manycam_4-0-109_fr_60026.exe

http://software.thaiware.com/download_url.php?id=10445

http://filehippo.com/download/file/.../

http://lb.cdn.m6web.fr/d/c/a/426d5b3830cfd021762b011d17e27280/54eb6b45/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/c8550d5862cdc08c3ad3fdac4396378d/54d13e63/soft/.../manycam_4-0-109_fr_60026.exe

&onid=2348&oid=3001-2348_4-10593500&rsid=cbsidownloadcomsite&sl=en&sc=us&pdguid=download:13789545&topicguid=chat-voip-email/webcam-video&topicbrcrm=windows software&pid=13789545&mfgid=6287609&merid=6287609&ctype=dm&cval=NONE&devicetype=desktop&pguid=86aac94f3a1b1a519e288ee7&viewguid=PJwggT3S1y89LZvp68k9Tz2qFZS4WvVSCJUn&destUrl=http://software-files-a.cnet.com/s/software/13/78/95/.../ManyCamWebInstaller.exe

http://lb.cdn.m6web.fr/d/c/a/ffc14401b250ca1cf4964f6959eb86d1/54d548a6/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/a470bf3bd1707423eb32a5e600542de3/540a07dc/soft/.../manycam_4-0-109_fr_60026.exe

http://d210.cdn.m6web.fr/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/7a0f4adda75f2763b1aa40b8d2f8d247/54ca058e/soft/.../manycam_4-0-109_fr_60026.exe

http://d110.cdn.m6web.fr/soft/.../manycam_4-0-109_fr_60026.exe

http://lb.cdn.m6web.fr/d/c/a/6bca844c1d47ff0689e9b29424f64b02/548dfdd8/soft/.../manycam_4-0-109_fr_60026.exe

&onid=2348&oid=3001-2348_4-10593500&rsid=cbsidownloadcomsite&sl=en&sc=us&pdguid=download:13806835&topicguid=chat-voip-email/webcam-video&topicbrcrm=windows software&pid=13806835&mfgid=6287609&merid=6287609&ctype=dm&cval=NONE&devicetype=desktop&pguid=fba6174abe18fe74d4adc77f&viewguid=P5XjW4XJoO@zWNtmVYJ2-hdJdYfGfz8Pqpr4&destUrl=http://software-files-a.cnet.com/s/software/13/80/68/.../ManyCamWebInstaller.exe

http://download2.manycam.com/ManyCam.exe

https://store.manycam.com/795/cookie?affiliate=3043&redirectto=http://.../ManyCam.exe

http://www.filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://software-files-a.cnet.com/s/software/13/80/68/.../ManyCamWebInstaller.exe

http://download2.manycam.com/ManyCamStandaloneSetup.exe

http://download3.manycam.com/ManyCamWebInstaller.exe

http://download.forest.impress.co.jp/pub/library/m/manycam/.../ManyCamWebInstaller.exe

http://software-files-a.cnet.com/s/software/13/78/95/.../ManyCamWebInstaller.exe

Latest 30 of 30 download URLs

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to server-52-84-179-167.gru50.r.cloudfront.net  (52.84.179.167:80)

Remove manycamwebinstaller.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.