movietogif_setup.exe

Movie To GIF

Ye Yizhou

The application movietogif_setup.exe, “Movie To GIF Setup” by Ye Yizhou, has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from it.softonic.com and multiple other hosts.
Publisher:
zxt2007.com (signed by Ye Yizhou)

Product:
Movie To GIF

Description:
Movie To GIF Setup

Version:
1.2.4.0

MD5:
37c051236668344dc26acad31d7e261a

SHA-1:
49182d00649351e0c5c2773aeab306dcadead25a

SHA-256:
a36e70d0bf696892abcd2eabac8a1ffeec104e507c9f412ad34bf90d3a2678f6

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 12:14:50 PM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
Adware.Bundler.YeYizhou.Installer.Meta (M)

Engine version:
16.7.8.10

File size:
6.7 MB (6,997,864 bytes)

Product version:
1.2.4.0

Copyright:
Copyright 2015 ZXT2007.com.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\movietogif_setup.exe

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
9/7/2015 8:30:33 AM

Valid to:
9/7/2016 8:30:33 AM

Subject:
CN=Ye Yizhou, L=Longyou, S=Zhejiang, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA G2, O=WoSign CA Limited, C=CN

Serial number:
304E7576E2082A9B6E87C0FFCC4B397C

File PE Metadata
Compilation timestamp:
7/16/2015 6:54:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:95QzkB5Rw2tQbfmIc75V9ulSeWmOfuIRzKsEl:/QOjw22bfSdulSessl

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86...

Entropy:
7.9954

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file movietogif_setup.exe has been seen being distributed by the following 23 URLs.

