rcrdmate.exe

Audio Recorder Pro

EZ SoftMagic, Inc.

The executable rcrdmate.exe, “Audio Recorder Pro Setup”, has been detected as malware by 6 anti-virus scanners. The program is a setup application that uses the Inno Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from audio-recorder.en.softonic.com.

Publisher:
EZ SoftMagic, Inc.

Product:
Audio Recorder Pro

Description:
Audio Recorder Pro Setup

Version:
3.9.0.1

MD5:
010ce460f4aa847e0dd395ed0d3c0930

SHA-1:
e1a77334721779172ec317d6e8c2730f2769fcd7

SHA-256:
e64d649b09a215c0068f0009cf3c501ed12a25a3307c66d8b534a2db45d65f36

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
1/13/2025 1:32:16 AM UTC

Scan engine                    Detection               Engine version
avast!                         Win32:SaliCode          160518-2
Dr.Web                         Win32.Sector.30         9.0.1.05190
ESET NOD32                     Win32/Sality.NBA virus  8.0.319.0
F-Prot                         W32/Sality.gen2         4.6.5.141
Microsoft Security Essentials  Threat.Undefined        1.223.1545.0
VIPRE Antivirus                Threat.4721115          49632

File size:
3.1 MB (3,213,699 bytes)

Product version:
3.9.0.1

Copyright:
Copyright© 2012 EZ SoftMagic, Inc.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\rcrdmate.exe

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:IoNL4p1NzUOT7UBTHfWtU+AorvBr4pvLCgvh:BEp1tUBT/D+AwyLv

Entry address:
0x9C18

Entry point:
69, F2, 06, C1, 23, CE, 84, D4, EB, 01, 4A, 0D, CF, 78, 44, AB, FF, C3, F2, 81, F3, 17, 85, C3, A9, C6, C0, E3, 68, 88, 4E, 26, 00, 51, 30, EA, 0C, 96, E8, 85, 00, 00, 00, C6, C0, 73, 72, 0B, 8B, EF, 0F, BF, C1, 8D, 3D, 85, E9, 72, 83, C6, C0, 9C, 84, F8, 84, FE, 81, FA, 78, 15, 00, 00, 33, C0, F2, BE, D0, 50, F7, 94, BF, 47, 25, 6D, 95, 69, D3, E3, E6, 09, 21, 8A, D9, C6, C3, B1, 30, E5, 8D, 2D, AE, 09, 00, 00, 74, 01, 46, 81, C5, BE, 04, 00, 00, F7, C2, DA, F0, C9, 33, 03, C5, B5, 87, F2, FE, CB, 2D, 6B...
Entropy:
6.0970

Code size:
37 KB (37,888 bytes)

The file rcrdmate.exe has been seen being distributed by the following URL.
