VDownloaderSetup.exe

VDownloader

Bonjoy Software

The file VDownloaderSetup.exe, “VDownloader Setup Program” by Bonjoy Software, has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.

Publisher:
Vitzo Limited (signed by Bonjoy Software)

Product:
VDownloader

Description:
VDownloader Setup Program

Version:
4.0

MD5:
5d4c3212047fc787a1fee4d35add513f

SHA-1:
a239f7e4519e952882e2e5761eb4b1885db01bec

SHA-256:
4be744de7a8ee1c06945dee2292f475049f8f21499312b5ecd5b123110a67072

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/24/2024 12:55:38 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.BonjoySoftware.Installer (M)

Engine version:
16.2.24.5

File size:
1.1 MB (1,165,824 bytes)

Product version:
4.0

Copyright:
Copyright © Vitzo Limited

Original file name:
VDownloaderSetup.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\8c1c.tmp

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
12/28/2014 10:00:00 PM

Valid to:
12/29/2015 9:59:59 PM

Subject:
CN=Bonjoy Software, O=Bonjoy Software, STREET="510 Market St #301", L=San Diego, S=CA, PostalCode=92101, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CD3BC6FFAA74061B7CABDCB0D74FBB12

File PE Metadata
Compilation timestamp:
12/16/2014 3:26:02 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:+/xB2AUVb8NLHpwkT1Thvgyi0dI7goGm8OfbLRpz+SS:2AwNLJRRThvgtSIZGQf6r

Entry address:
0x5B174

Entry point:
45, 00, 8B, FF, F7, D9, FF, 24, 8D, 00, B8, 45, 00, 8D, 49, 00, 8B, C7, BA, 03, 00, 00, 00, 83, F9, 04, 72, 0C, 83, E0, 03, 2B, C8, FF, 24, 85, 54, B7, 45, 00, FF, 24, 8D, 50, B8, 45, 00, 90, 64, B7, 45, 00, 88, B7, 45, 00, B0, B7, 45, 00, 8A, 46, 03, 23, D1, 88, 47, 03, 83, EE, 01, C1, E9, 02, 83, EF, 01, 83, F9, 08, 72, B2, FD, F3, A5, FC, FF, 24, 95, 50, B8, 45, 00, 8D, 49, 00, 8A, 46, 03, 23, D1, 88, 47, 03, 8A, 46, 02, C1, E9, 02, 88, 47, 02, 83, EE, 02, 83, EF, 02, 83, F9, 08, 72, 88, FD, F3, A5, FC...
 

Code size:
497 KB (508,928 bytes)
