home

mymp3splitter_setup_ad.exe

My MP3 Splitter

Ye Yizhou

The application mymp3splitter_setup_ad.exe, “My MP3 Splitter Setup ” by Ye Yizhou has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from my_mp3_splitter.softonic.com and multiple other hosts.
Publisher:
zxt2007.com   (signed by Ye Yizhou)

Product:
My MP3 Splitter

Description:
My MP3 Splitter Setup

Version:
2.3.2.0

MD5:
a55b59a9cdf35309dd13aa582818ca4c

SHA-1:
b0d15f82815ec964eab26e3604fb7471273e7aa0

SHA-256:
4beee113b9217690bdef56f5fd25db0353a8aae6c5923b4fcfe144c8e8dc4817

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 4:41:59 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Bundler (M)
16.8.29.7

File size:
989.3 KB (1,013,008 bytes)

Product version:
2.3.2.0

Copyright:
Copyright 2010-2015 zxt2007.com.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mymp3splitter_setup_ad.exe

Digital Signature
Signed by:
Ye Yizhou

Authority:
WoSign CA Limited

Valid from:
9/7/2015 8:30:33 AM

Valid to:
9/7/2016 8:30:33 AM

Subject:
CN=Ye Yizhou, L=Longyou, S=Zhejiang, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA G2, O=WoSign CA Limited, C=CN

Serial number:
304E7576E2082A9B6E87C0FFCC4B397C

File PE Metadata
Compilation timestamp:
7/16/2015 6:54:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:9xGH7Z6+FevHtRtwxvijZp0DIGbCHoJrfRaBf:WKfry1MKMGeMRah

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86...
 
[+]

Entropy:
7.8887

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file mymp3splitter_setup_ad.exe has been seen being distributed by the following 8 URLs.

https://my_mp3_splitter.softonic.com/.../trmsvRChbxdrflJq3ZIylWswuLEQ49FsUDAE5TMaBGzyH5CpHghDADZqEHluqVriSFrNn4kZgt2qnh4IOJ80PBUbu0QcFsXbRpBnBL7YF80o3XJgcJSrRAVTpzr7GgEBQEEAXmiDBvgqgKzgPG7E0N4=

http://software.thaiware.com/download_url.php?id=1967

http://en.zxt2007.com/.../mymp3splitter_setup_ad.exe

http://en.softonic.com/sads/tracker.php?ev=c&co=PH&upv=cce0c76313250278bb773c795fabcd37&z=results&sk=0&abp=0&params=F39B2A32BFC101987B1458170C278E039DCCD7061C29B2A609FEC3D7FA748B562CF28C069F96E0E4B218F40A5541CBE5D706ADF3B40F283E7B79720C8F3CBA1F9E2EEFCDBA11C3BDAA475089DD81E1CA3AA7DC7ED63452E1BA7AEC5CD3AC9441ACE1848CA2E00C4B9B93413FC2B3B776090F4AE731E972A0C25D329921CC3EBF50F09B1F4845966997C513753B21FB2FD044E4FDD7F705319489E752FC7B7F6E&h=3149DE936F18BE71D0DB571D199A9026459D2678AB5F175FA9DE018640B73A2E&directdownload=1&f=333471&d=http://en.zxt2007.com/.../mymp3splitter_setup_ad.exe

http://en.zxt2007.com/.../mymp3splitter_setup.exe

http://my_mp3_splitter.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPemSpzydROONygDLMhXLMTlkesa85E2lr2EB4Yvr7k9Zl45 iSnJrYgMBN7PKlzmioOX7E1WVnzbWgqdHNBHAHEkf6sefGKQbwMmbVo9K /.../i9H0 MFpfukuskjZsN8E=

http://en.softonic.com/sads/tracker.php?ev=c&co=IN&sid=adc693afaf8178c542ef6513f2b7bd94&upv=89ca26c5791bfdfb9130961a1924395b&z=download-cpd&sk=593&abp=0&params=F39B2A32BFC101987B1458170C278E039DCCD7061C29B2A609FEC3D7FA748B56DD98892DDDCEB3A02A9FDA93BB4D6A239580EA4AD2A279DEB1843CB0C2DD06D5A8C8F9181AC64B97BC508C37630A4DD037028267D987C452CB98E41297616077BD1514FBB68CECEB414F37230DD060E451D9E1DEA6D11D1BD1F5B881B1E4930611ADAD2195CE1B64BC8607ABC01ADAB31EDB78001FD4D400E063C3D03A6B081D&h=560492A0EE468F90BB0C5C07C966AA50E4F5B0C63BD3B77830C7A7F972DDE560&directdownload=1&f=333471&d=http://en.zxt2007.com/.../mymp3splitter_setup.exe

http://my_mp3_splitter.softonic.com/.../trmsvRChbxdrflJq3ZIylWswuLEQ49FsUDAE5TMaBGzyH5CpHghDADZqEHluqVriSFrNn4kZgt2qnh4IOJ80PBUbu0QcFsXbRpBnBL7YF80o3XJgcJSrRAVTpzr7GgEBQEEAXmiDBvgqgKzgPG7E0N4=

Remove mymp3splitter_setup_ad.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.