ummyvideodownloader.exe

UmmyVideoDownloader 1.5.0.0

Magicbit, Inc

The application ummyvideodownloader.exe, “Ummy Video Downloader” by Magicbit, Inc, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This is a setup program used to install the application. The file has been seen being downloaded from sf-apps.com and multiple other hosts.
Publisher:
Magicbit, Inc  (signed and verified)

Product:
UmmyVideoDownloader 1.5.0.0

Description:
Ummy Video Downloader

Version:
1.5.0.0

MD5:
8a5d980819beee11f7a6aad3ce417497

SHA-1:
19c16b8f253cfb6aa5843b33eaab29ac2bca1fdf

SHA-256:
1d54b8ab358f687fd53391c32c67f35237719f1d1e8af25503b25ec8e9aaeaf8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 4:22:05 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Magicbit.Downloader.Installer.Meta (M)

Engine version:
16.3.31.18

File size:
14.3 MB (15,018,416 bytes)

Product version:
1.5.0.0

Copyright:
All Rights reserved © 2014-2015

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\ummyvideodownloader.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/21/2014 5:30:00 AM

Valid to:
4/21/2017 5:29:59 AM

Subject:
CN="Magicbit, Inc", O="Magicbit, Inc", STREET="901 N. Pitt Street, Suite 325", L=Alexandria, S=VA, PostalCode=22314, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B5B2652535A2ACE1ACBFF9D5D7816AD4

File PE Metadata
Compilation timestamp:
7/9/2014 1:28:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:VM9l9wPtYcgI/m5NRbsxPAUuUIJ9J6i8Fx+kxICnpl4TIXtx:m9LE/gI+RMYkI/J6hjplsKtx

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 

Entropy:
7.9988

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file ummyvideodownloader.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 111 download URLs
