VideoDownloader.exe

Sothink Web Video Downloader

SourceTec Software Co., Ltd.

The program is set to start automatically when a user logs into Windows, via the current user Run registry key, under the display name ‘Web Video Downloader’.

Publisher:
SourceTec Software Co., LTD  (signed by SourceTec Software Co., Ltd.)

Product:
Sothink Web Video Downloader

Version:
1, 2, 0, 1

MD5:
94632ad9c25bb94cdb72428621a1fb8f

SHA-1:
b5ee78f0ab306da6ebe7fcda444565ededa0a62b

SHA-256:
3cda6e1d679c78eb67eccd3b410c3ee5e22a5bc5de6b1041308cba9e3e4ef105

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 5:50:42 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win32/Floxif.H virus | 6.3.12010.0
F-Prot | W32/Floxif.B | 4.6.5.141

File size:
3.2 MB (3,335,895 bytes)

Product version:
1, 2, 0, 1

Copyright:
Copyright 2007 SourceTec Software Co., LTD

Trademarks:
Sothink

Original file name:
VideoDownloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\sourcetec\sothink web video downloader stand-alone\videodownloader.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/21/2008 5:00:00 AM

Valid to:
8/22/2009 4:59:59 AM

Subject:
CN="SourceTec Software Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="SourceTec Software Co., Ltd.", L=Wuhan, S=Hubei, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5637B080B1FCEAD77DB9CE938CFCECD3

File PE Metadata
Compilation timestamp:
11/20/2008 1:57:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

Entry address:
0x1C64D2

Entry point:
E9, 03, EA, FF, FF, E9, 16, FE, FF, FF, 6A, 0C, 68, E8, A2, 5E, 00, E8, 64, 1E, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, 10, D4, 5E, 00, 77, 22, 6A, 04, E8, C3, 1A, 00, 00, 59, 83, 65, FC, 00, 56, E8, 01, 45, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, 70, 1E, 00, 00, C3, 6A, 04, E8, C0, 19, 00, 00, 59, C3, 55, 8B, 6C, 24, 08, 83, FD, E0, 0F, 87, 9F, 00, 00, 00, 53, 8B, 1D, D4, 31, 5E, 00, 56, 57, 33, F6, 39, 35, 64, C3, 5E, 00, 8B, FD, 75, 18, E8, BF, 18, 00...
 
Entropy:
7.5352

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
296 KB (303,104 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Web Video Downloader

Command:
"C:\Program Files\sourcetec\sothink web video downloader stand-alone\videodownloader.exe"


Scan VideoDownloader.exe - Powered by Reason Core Security