videoconverter_v5.exe

The application videoconverter_v5.exe has been detected as a potentially unwanted program by 15 anti-malware scanners. This is a setup program which is used to install the application. According to Microsoft Security Essentials, the software includes a bundle of the DealPly adware which is installed on a user's PC during setup using the InstallCore platform. The file has been seen being downloaded from www.securefiledownload.com.
MD5:
333c98ace48dbf20d66e8d1161a9952c

SHA-1:
8e5c551785b19df4710b7c108db13864e6a31429

SHA-256:
1097762d7895dd5a4d31052234ead232ac4afeef806e6315104648b886db95ac

Scanner detections:
15 / 68

Status:
Potentially unwanted

Explanation:
This software bundler installs other potentially unwanted software, including DealPly. Which includes offers in a user's web browser which state they are "Powered by DealPly".

Analysis date:
12/26/2024 1:53:23 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
7.11.122.188

Bkav FE
W32.Clod722.Trojan
1.3.0.4613

Dr.Web
Trojan.Packed.2822
9.0.1.080

ESET NOD32
Win32/InstallCore.AZ (variant)
10.9232

F-Prot
W32/InstallCore.W.gen
v6.4.7.1.166

IKARUS anti.virus
SoftwareBundler
t3scan.2.2.29

K7 AntiVirus
Unwanted-Program
13.174.10679

McAfee
Artemis!333C98ACE48D
5600.6455

Microsoft Security Essentials
1.165.247.01

Norman
InstallCore.UMFM
11.20160320

Panda Antivirus
Suspicious file
16.03.20.10

Reason Heuristics
PUP.InstallCore.ENG (M)
16.3.20.10

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.16318

VIPRE Antivirus
InstallCore
24918

File size:
1.2 MB (1,254,616 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\videoconverter_v5.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:GBbhZEyx4yHQkv+P8BhSbs1sy7ufaTclQFDliPZqs9PqN96AgwAqjXci:CZEyx4ywkvw8Bhx+LfaUQlli99CN96k6

Entry address:
0xDA010

Entry point:
55, 8B, EC, 83, C4, F0, B8, E8, 24, 40, 00, E8, E9, DF, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
885 KB (906,240 bytes)

The file videoconverter_v5.exe has been seen being distributed by the following URL.

Remove videoconverter_v5.exe - Powered by Reason Core Security