trvideoconverter.exe

Torrent Video Converter

TorrentRockyou. Inc.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
TorrentRockyou. Inc.

Product:
Torrent Video Converter

Description:
Torrent Video Converter Setup

MD5:
3cdb23f0d0c9f711336349a40883b0ed

SHA-1:
6694ea78447b358b22fa49bd4fdd8bb785844719

SHA-256:
5a3cd612e2f894237d99919554d144d8291bb0bf998bd39bb2eff40c6a8a9952

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/5/2024 3:40:04 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Pedka
1.3.0.4959

ViRobot
Trojan.Win32.A.Clicker.12120440
2011.4.7.4223

File size:
11.6 MB (12,120,440 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\trvideoconverter.exe

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:X7O9r4ze9htcWHMSRO9vKNlkl+tccOUgo3ygt8Uscgh/c6JeTqWgmDXj5RESC5QZ:Xi994WHMSY96/2cODvUscgh/Re+WgmDb

Entry address:
0x9B24

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, A2, 95, FF, FF, E8, A9, A7, FF, FF, E8, D4, C9, FF, FF, E8, 1B, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, DB, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, A4, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 04, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 53, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9998

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file trvideoconverter.exe has been seen being distributed by the following 12 URLs.

http://dw.uptodown.com/dwn/8TkNxA6fwhzqDE-7Ey1raberK8fDeACVJdzjlwP71MeIWV4rLCmyybJyzAf-3Wt3eATDNMB0aRE1doIenHNkFxomAw4o-0f8cziMqL7RM3VskvAX_iQpIjo5FiEsR8kv/fkgLVYpWuHaIEnXjwLzAUdTo8FnYqN82UMc4-8p-3J8DmbdQoJMJWDzAFAGUhvuz_54O7T2gGg1nRoZC5KJ0-XAG-3jfLhiUlvhq_vQY8IfVlHFP_qN5TpVbR4JNUs1Y/7yzr6iwPCPBM_oHIDacbbvsf_us_v3Xc3EfIeV73e7nrIZB4yUHD82dacSlSayVoTSSI1lcPwUhK7ijVWur26RbfDIK9xtWul-qIaQI2vgEjmc98qathzTp-PYYejOJk/.../

https://dw.uptodown.com/dwn/DahI7hjoK8BVdvChXLZlQXAiB6d9gL7datvrvYMwrPH2JH7DK0T807uZvFEekhmogLUdl-ZGDR1JDn51WcpF8-3-ZmLay5xZNII7hzzqxLIYQUEcwfVwXgSMWY5m6TdR/aoIWNLQ50NWfShvyIfto6aZkx9fWOJMDZSQVIirV277R8-4w1omy643QUElH3Zmiv1oo968-VvKPZ8Mah6aJcWf-OTA7VWOpxh3q0E_VTvWdcSBsaLSTXrjK8DsbNMkM/mAc1qoU7OLcDsyIIzFIR3lbUbKQd-IiYrVP4e2D6ZuoVjaM_9qar0RGxmT4JWkO1yT_EzorlXN5nDt94I6nD9e_O3sVrE_WRc5JPLwBny8EHBmpGwjGcm0PLEYiixGS9/.../

http://dw1.uptodown.com/dwn/mjxD6PthoT5DR0slk66pTPwg6P3duKsxIG6CO8AV1vDTTQ0RSVz5foeNNsDNQnrShFL9Z2BqE014B6KYZvlvGHEP13g8q6rnzJCLA4qx_hLw6ois5oyphmPuS0vTxwAZ/A6cdBLRQqAfR5rHL2AVgPnfG6-1G48tVlsJCSZeyylzwHf46qq03JIDmzAfqEG9flf-J6YOQDI0_X_zMVtAZqXbUo5bkRstWEKS_iXJazMuRnDAAgGb2rvqMWRKuit8Y/KERzqJFFs8h9xO-IDKl1vJmi0DRyjSbtbXjMCKe2atdLbSKCNk-F4aiFwY-SzS88KyqYRvWJj1UjA-4Yj29mXMEumwjHVwDmB3QRH79ZUvbfr6hmg03NUn3acxZZRiHv/.../torrent-video-converter-3-01-win.exe

http://software-files-a.cnet.com/s/software/11/81/59/.../trvideoconverter.exe

http://dw.uptodown.com/dwn/5ORi1HBjVi4nW_NogSChAbfc6SLzYlrAa0IKA79xNEkl97930rGODtFyVuUrHpMEqkiJYKWMmDibzDq6Qo7uka5ZippWKGogo-R4GiPb5dFlKDQQip-sb4KgAZkyJRuO/SbVg5YE7DYT26n1hnyjeRPI7f_pupkf66TUFm4gfdS4Nng09Wl9aIn9FHjTx37k6jdSU81h-EIQ8KF0rdz6gcp2_Z6tBbG6mpMpGuQwe5G8dGChDf-Hc6xt0fRZeVsGH/5ErFbt3ydgGSYrFb6Xq6pO4gw17-m-Kl95EQocvnilfZNAOZUOWCN4R-v4pTjhy048bH5MzFhbPe7d2Kp28O-EkyMEPa_BulPyP3V_BM84cw3JAgn4s7-N6i_cDEqGpV/.../

Scan trvideoconverter.exe - Powered by Reason Core Security