smartmediaconvertersetup.exe

SmartMediaConverterSetup.exe

Applon

The application smartmediaconvertersetup.exe by Applon has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from secure.seawavecdn.com and multiple other hosts.
Publisher:
Applon  (signed and verified)

Product:
SmartMediaConverterSetup.exe

Version:
1.0.18.0

MD5:
5e9cc14490b1ccf155b352cdf41fef5d

SHA-1:
6dc3891bfe0b05c982a681abaf93f88ff30c9e06

SHA-256:
4f94c384ad9634e7d4c2a8048fcc396de15834138bd17294119221bb57b77239

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 1:10:53 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Installer.Applon.Y
14.8.8.0

File size:
117.5 KB (120,344 bytes)

Product version:
1.0.18.0

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\smartmediaconvertersetup.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/10/2013 5:00:00 PM

Valid to:
8/11/2014 4:59:59 PM

Subject:
CN=Applon, O=Applon, STREET=44 Primrose Crescent, L=SUNDERLAND, S=Tyne and Wear, PostalCode=SR6 9RJ, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
61D4C21BAC72FFC01DD91677B59DA3E6

File PE Metadata
Compilation timestamp:
12/5/2009 2:52:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:vuxkZuTXJYJQ6FYyOsII1ITaGv57cpsttVF/cWaNBB:vS26oxOsIICTaGC+VF7YD

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 6F, 44, 00, E8, 09, 2C, 00, 00, A3, A4, 6E, 44, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, 9C, 42, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 2E, 44, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, F0, 46, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.2118

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file smartmediaconvertersetup.exe has been seen being distributed by the following 6 URLs.

http://secure.seawavecdn.com/.../SmartMediaConverterSetup.exe

Remove smartmediaconvertersetup.exe - Powered by Reason Core Security