» mp3directcut_setup.exe
Overview
Analysis
File Details
Downloads (1)

mp3directcut_setup.exe

The application mp3directcut_setup.exe has been detected as a potentially unwanted program by 12 anti-malware scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from moywot.ru.

File name:

MD5:

bf8708bde18a3c65ae59d3157f138229

SHA-1:

885ffd855a9c43a99381701da6016e01cbd7c946

SHA-256:

085dcb1031044b9f9e33fce0e75e83c9a1c5d183ef61d5f4e1c9c4047c10c5c3

Scanner detections:

12 / 68

Status:

Potentially unwanted

Analysis date:

1/24/2025 5:41:56 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

PUA.Win32.Softobase

4.0.3.16422

Dr.Web

Adware.Downware.10974

9.0.1.0113

ESET NOD32

Win32/Softobase.C potentially unwanted

10.12413

G Data

Win32.Trojan.Agent.A630GR

16.4.25

K7 AntiVirus

Adware

13.210.17548

Kaspersky

not-a-virus:HEUR:Downloader.NSIS.SoftBase

14.0.0.325

McAfee

Artemis!BF8708BDE18A

5600.6422

NANO AntiVirus

Trojan.Nsis.SoftBase.dsgvph

0.30.26.3947

Panda Antivirus

Generic Suspicious

16.04.22.12

Sophos

Generic PUA II (PUA)

4.98

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

44548

File size:

209.8 KB (214,827 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\mp3directcut_setup.exe

File PE Metadata

Compilation timestamp:

3/6/2015 12:03:47 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.23

CTPH (ssdeep):

6144:oJtUK/n0bR3KAIbOsggjD6DitNAI3dEih72y71H5Fw:oJtL/nKgGitvNEo1H5Fw

Entry address:

0x492B

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, 9C, 01, 00, 00, FF, 15, 80, E3, 42, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 64, E4, 42, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, A4, E4, 42, 00, 56, C7, 04, 24, 08, 00, 00, 00, A3, 40, BB, 42, 00, E8, DC, 3F, 00, 00, A3, 9C, BB, 42, 00, 8D, 85, 88, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, FD, C8, 40, 00, FF, 15, B8, E4, 42, 00, 83, EC, 14, C7, 44, 24, 04, FE, C8, 40, 00, C7... 
[+]

Code size:

37 KB (37,888 bytes)

The file mp3directcut_setup.exe has been seen being distributed by the following URL.

http://moywot.ru/.../Mp3DirectCut_Setup.exe

Remove mp3directcut_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.