home

videoconverter_setup.exe

ZXT2007 Video Converter

Ye Yizhou

The application videoconverter_setup.exe, “ZXT2007 Video Converter Setup ” by Ye Yizhou has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from en.softonic.com and multiple other hosts.
Publisher:
zxt2007.com   (signed by Ye Yizhou)

Product:
ZXT2007 Video Converter

Description:
ZXT2007 Video Converter Setup

Version:
2.1.2.0

MD5:
2860ed965511d8da15fd42de6e7e0678

SHA-1:
8e9c14f905295fa13893218e3460c914995ef1c1

SHA-256:
10b2f6a0dd9837f19bc62ef0bef2a2f7b350a46412adace8d17b7f297dc010eb

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/30/2024 8:53:16 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Bundler.YeYizhou.Installer.Meta (M)
16.8.29.7

File size:
6.8 MB (7,078,744 bytes)

Product version:
2.1.2.0

Copyright:
Copyright 2013-2015 ZXT2007.com.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:
Ye Yizhou

Authority:
WoSign CA Limited

Valid from:
9/6/2015 11:00:33 PM

Valid to:
9/6/2016 11:00:33 PM

Subject:
CN=Ye Yizhou, L=Longyou, S=Zhejiang, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA G2, O=WoSign CA Limited, C=CN

Serial number:
304E7576E2082A9B6E87C0FFCC4B397C

File PE Metadata
Compilation timestamp:
7/16/2015 9:24:20 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:EPqhL8WM6ne2vi6GKBVgLUZ+cdmSkW/lJFEc2w3Ga4uFk/rEWVOMDP3AMJ7ffPAI:Eih06cKwowcwSkWrv6Ms3p7ff4I

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86...
 
[+]

Entropy:
7.9955

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file videoconverter_setup.exe has been seen being distributed by the following 10 URLs.

http://en.softonic.com/sads/tracker.php?ev=c&co=MY&sid=78a230fcd1fc9ec30c7a5c1e2fe8316b&upv=972cdfe9f52f8f743502f819d22e0184&z=download-cpd&sk=722&abp=0&params=F39B2A32BFC101987B1458170C278E031A872F37FCA34CAE6F173519F808D83AE364FF2C2859F9E074770109F031EE254718CD206DC52B3AF2D1FD355AEA5D88F79E574EA22C4EDC02B8182C92046F12FF7D86E5F3827B3C4FB6F933B0612C84F4B54ECA9C1142E16F0A43C04B85C32B8FF42BB3DFAD8CEFF2DB61AB27CD3C25F0BEB56D02E3B6071BB085233C14172D422854040D28943D5FBFF3F36EA2C287&h=71879D243684B53B7656432D56EA060AE4EBF7BAA63151911B24DBCE5CD6088F&directdownload=1&f=69671820&d=http://en.zxt2007.com/.../videoconverter_setup.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=AR&upv=e4e738793a57f5cf12fb7e96d767887c&z=results&sk=0&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F219F370B0B12B216A2FEFF308F0F4884AB04B97B30337C0DCCBA5A8DD4F6E858B3D238DE3E3DF1976BCF875F2C47BAFA923899804E90B2E447B86AAB7DD350DF4DE6E8B48BB4DFB89C8E6ECD059D71EA50BE2441D080070BAA0F80CD38D2B8C44D7EC5D7660AC36B80F9BC19AC8359C92A7DB4A08E9BE4D71660F9DDDFECBA2E4F66B5A8D08530A86D3E1F3FB9F67AD8F&h=C09722A0682072211BB08CE328C9E6598CD8523AA6CFFA492066111A7CD6FC94&directdownload=1&f=69671820&d=http://en.zxt2007.com/.../videoconverter_setup.exe

https://zxt2007-video-converter.it.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPNbFIbvPqwG59DNzhKGKPopOS/.../m95eDklI4USs=

http://en.softonic.com/sads/tracker.php?ev=c&co=IN&upv=64021e39081e2c24a2918c6d33d70ee5&z=results&sk=0&abp=0&params=F39B2A32BFC101987B1458170C278E031A872F37FCA34CAE6F173519F808D83A51B441A6CB02F75AC2840B13999DE777E33B60871978B07201928B4BA92352F9B6967FAA5AB63A4DA58DB27C8F94FE9A96592F19E1F8E4A462D4694F7FA197B166E63D7D92BA360B5D03887EB7F1578EB583B28E7008B26C9C14154F7B656E3AD46DA6CCE046696C2D9CAD9B9072320C18892FE6D0B44DE4629EBAB05C41C8BB&h=3F26C8C20C91CFCD713958EF47DBF40A17C123106C2270DCF2A544CDA1F37E0C&directdownload=1&f=69671820&d=http://en.zxt2007.com/.../videoconverter_setup.exe

http://gsf-cf.softonic.com/8e9/c14/.../videoconverter_setup.exe

http://zxt2007-video-converter.softonic.com/.../trmsvRChbxdrflJq3ZIylWt0sI8aa3KPl0C9oyM84N0MfBu0Uc p0awMca3IyQxMJhjiy2yRhpiLuUSpi1DOwhGsvzprOL7tk166thkZyE3JPkpJMuSaWY606Zu0w2HYylpG5TrhYnNntahmblgNrJY=

http://en.zxt2007.com/.../videoconverter_setup.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=MX&upv=d9e63dd4475032b9aefe0518a942fc30&z=results&sk=0&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F219F370B0B12B216A2FEFF308F0F4884AB04B97B30337C0DCCBA5A8DD4F6E858B3D238DE3E3DF1976BCF875F2C47BAFA923899804E90B2E447B86AAB7DD350DF4A749F7E4B6D3FE7C31E8A58B8792A8A4B6057930BA06EA1760905382648B89CE5101B599B5EC8A30AFF30BF1D1E605E5740782055711CB3818FCA93CCFBF140B2682C6862532BF7A1496FACB0C4F8D88&h=58E2ED939981CD4BE76924395B5C779EA831F51C2CAF9E5130555CC3681C2D52&directdownload=1&f=69671820&d=http://en.zxt2007.com/.../videoconverter_setup.exe

http://zxt2007-video-converter.softonic.com/descargar

http://en.softonic.com/sads/tracker.php?ev=c&co=IN&upv=e491d5d47338e536f4abec4d6bc8e826&z=results&sk=0&abp=0&params=F39B2A32BFC101987B1458170C278E031A872F37FCA34CAE6F173519F808D83A51B441A6CB02F75AC2840B13999DE777F0FEC3DFB5890D51C580A7F55D260A00804F5701DABD7BB7C86F00B0C1FE8302C7B6CF65A93088A5F8CA2F098096F7290B747FC9453D830ECD2CB8291CA9D6A746D50EFB66797BBE794C3B5288992A52E645E0AD8C0C8FEE04F7FBA264A486F32F394F17E061909418BA4A4E5DBBE57A&h=FBB55B94AF3AC3A146C50D95005944F48D02FA0F446EE78D6CACF3FDDB6D7B1E&directdownload=1&f=69671820&d=http://en.zxt2007.com/.../videoconverter_setup.exe

Remove videoconverter_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.