mp3directcut_setup.exe

The application mp3directcut_setup.exe has been detected as a potentially unwanted program by 12 anti-malware scanners. This is a self-extracting archive and installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from cdn.besplatnyeprogrammy.ru.
MD5:
e6f644f3bb7ff37f03650355f6a855da

SHA-1:
d838ce912869aacb75d15c3a7d63acdcdae7dd4b

SHA-256:
b671c837e5b34b1ce7cc38d8ce00b2d4ed52c8e06fb97b597e48c7161952d80f

Scanner detections:
12 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 4:25:06 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Baidu Antivirus | PUA.Win32.Softobase | 4.0.3.16213 |
| ESET NOD32 | Win32/Softobase.C potentially unwanted | 10.12698 |
| G Data | NSIS.Application.Softobase | 16.2.25 |
| K7 AntiVirus | Adware | 13.212.18060 |
| Kaspersky | not-a-virus:HEUR:Downloader.NSIS.SoftBase | 14.0.0.666 |
| McAfee | Artemis!E6F644F3BB7F | 5600.6490 |
| NANO AntiVirus | Trojan.Nsis.SoftBase.dsgvph | 1.0.10.5081 |
| Panda Antivirus | Generic Suspicious | 16.02.13.06 |
| Sophos | Generic PUA NI (PUA) | 4.98 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45732 |
| ViRobot | Trojan.Win32.S.Agent.226436[h] | 2014.3.20.0 |

File size:
221.1 KB (226,436 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mp3directcut_setup.exe

File PE Metadata
Compilation timestamp:
3/5/2015 11:03:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.23

CTPH (ssdeep):
6144:oJtUK/n0bR3KAIbOsggjD6UK7DfCyQ8Z862x:oJtL/nKgxKvfCyQd

Entry address:
0x492B

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, 9C, 01, 00, 00, FF, 15, 80, E3, 42, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 64, E4, 42, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, A4, E4, 42, 00, 56, C7, 04, 24, 08, 00, 00, 00, A3, 40, BB, 42, 00, E8, DC, 3F, 00, 00, A3, 9C, BB, 42, 00, 8D, 85, 88, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, FD, C8, 40, 00, FF, 15, B8, E4, 42, 00, 83, EC, 14, C7, 44, 24, 04, FE, C8, 40, 00, C7...
 

Code size:
37 KB (37,888 bytes)

The file mp3directcut_setup.exe has been seen being distributed by the following URL.
