home

vdu_install.exe

Proxy Video Downloader

Link64 GmbH

This is a setup and installation application. The file has been seen being downloaded from videodownloaderultimate.com.
Publisher:
Link64 GmbH

Product:
Proxy Video Downloader

Description:
Updater [ProxyVideoDownloader]

Version:
1.0.1.72

MD5:
76d657787300f732dc1d6b8da3781142

SHA-1:
199cb4adc6d9e49561c059aaa80d953c8c32c22c

SHA-256:
d6cd12a23904f044ba9e916783ad3188f5a63aeb35d3c6a82590eb6221820315

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:41:15 AM UTC  (today)

File size:
2 MB (2,094,920 bytes)

Product version:
1.0.1.72

Copyright:
(c) 2014 Link64 GmbH. All rights reserved.

Original file name:
ProxyVideoDownloader_Install.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\vdu_install.exe

File PE Metadata
Compilation timestamp:
1/6/2016 4:42:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:Gl0GTcHC8Q8nNP97U9wZxPrVn6brlzF8o2QdBNyTA:Gl0U8ZZ5jZN9K5R5d0A

Entry address:
0x636C

Entry point:
77, 07, BE, 8C, F2, E4, 62, 8A, CF, 78, 03, 0F, B7, F1, 0F, B7, EA, 8D, 15, 0D, F2, E0, 5E, 8A, EF, 50, 56, 4E, 24, FF, 81, F2, EC, CA, EB, 93, 8A, C7, 4E, 86, E7, E8, 21, 00, 00, 00, 88, E4, F7, C7, 8E, 10, 62, 0A, 0F, BF, F9, 87, FF, 0F, BF, F6, C6, C2, D2, 81, C5, F3, 49, 00, 00, 85, F1, 81, ED, D0, 04, 00, 00, 5D, 70, 0A, FF, C3, 8B, C2, 8D, 3D, 7C, 7F, C5, 0F, 4A, 87, F6, F3, 0F, AF, D0, 85, CB, 69, D1, BD, 83, E5, EA, 8D, 0D, 0E, 26, 14, 6C, 0F, BF, D7, 2D, 57, 6C, A1, 22, 80, D4, AB, 69, D7, AD, 0A...
 
[+]

Entropy:
7.8937  (probably packed)

Code size:
184 KB (188,416 bytes)

The file vdu_install.exe has been seen being distributed by the following URL.

https://videodownloaderultimate.com/.../VDU_install.exe

Scan vdu_install.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.