vpsetup.exe

VideoPad

NCH Software

This is a self-extracting archive and installer. This is installed with VideoPad Video Editor. The file has been seen being downloaded from www.bitsfarmclean.com and multiple other hosts.
Publisher:
NCH Software  (signed and verified)

Product:
VideoPad

Description:
VideoPad Video Editor

Version:
4.33

MD5:
636c032a874460534c33cf0b28e25803

SHA-1:
8d7f075fa1fe1317ee1aa509b907495098d18c3c

SHA-256:
1de7de22c1f28e7dba1432efeaa292b8ec1bfae8d9d9f05b318565469da48588

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 12:18:01 PM UTC  (today)

File size:
5 MB (5,199,072 bytes)

Product version:
4.33

Copyright:
NCH Software

Original file name:
VideoPad.exe

File type:
Executable application (Win32 EXE)

Language:
English (Australia)

Common path:
C:\users\{user}\downloads\vpsetup.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/6/2015 1:00:00 AM

Valid to:
8/7/2017 12:59:59 AM

Subject:
CN=NCH Software, O=NCH Software, L=Canberra, S=Australian Capital Territory, C=AU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
58D9B9D38780932DD1CBC58A2AD28B1C

File PE Metadata
Compilation timestamp:
1/24/2016 11:09:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:V0MzwROEcPVpAtC2X9hti03yEnWVQnbp/3HddbdiiIJCmtvUDmhPFNKZHV:WgwROZPVD2X9ht9iVQnb13ddhIJrUDKI

Entry address:
0x11D4

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, FC, 16, 00, 00, 53, 56, 57, E8, 03, FF, FF, FF, 33, DB, 3B, C3, 89, 44, 24, 14, 0F, 85, DF, 03, 00, 00, 6A, 06, 53, FF, 15, 8C, 20, 40, 00, FF, 15, 48, 20, 40, 00, 68, 6C, 24, 40, 00, 8B, F0, E8, CB, 03, 00, 00, 85, C0, 74, 10, 68, 7C, 24, 40, 00, 68, 80, 24, 40, 00, FF, 15, 50, 20, 40, 00, 68, 90, 24, 40, 00, 8B, C6, E8, AB, 03, 00, 00, 3B, C3, 74, 49, 83, C0, 0E, EB, 08, 66, 83, F9, 20, 75, 0A, 40, 40, 0F, B7, 08, 66, 3B, CB, 75, F0, 0F, B7, 08, 33, F6, 66, 3B, CB, 74, 20...
 
[+]

Entropy:
7.9995

Developed / compiled with:
Microsoft Visual C++

Code size:
2 KB (2,048 bytes)

The file vpsetup.exe has been discovered within the following program.

VideoPad Video Editor  by NCH Software
From the EULA: " During installation of this download you will be given the option to install closely related programs from the NCH Software suite. These are optional and you can select what you want depending on your requirements."
www.nchsoftware.com
20% remove it
 
Powered by Should I Remove It?

The file vpsetup.exe has been seen being distributed by the following 20 URLs.

http://www.bitsfarmclean.com/OuHRnIE9udJh8lycEvtZEoncqijoQayspA06xUlvulUHmexl99G9LfM_cmtnCYJdoQklpXBseRataVHkQuWN2HgZ9A8Qgg_GbOwJ0jsJlX0Ke0OPtWO_TuCLUposZEKidCpusrMO2VvWcvEstQ_NBpfmoCrIpOdZ7Y3flj9B8dfIuLeQSzgTXbniKvIDhegmr7HvBzHP4jbVGtjL6stQfEGksZOTNA==-G1wAAGRgnq2tScjUb9iAA5dwsO0BB7RhY wMQQhHmd_v xLML7Sc59XvRS5zWOnd9CAITHhCw3 QX2 xzMK4ZsOX9kaff8shY7p9UD9gEFGCIRGUxVgU

blob:http://sd-web.softonic.com/71e1facb-0f8e-4385-9bae-21f153223b27

http://gsf-cf.softonic.com/993/026/.../vpsetup.exe

http://www.nchsoftware.com/videopad/.../vpsetup.exe

http://www.cleansignsnew.com/c?x=LuNGPuOwfy/yqSYTVhqrmcEJMO6o4P646tmXhsdvYJ8=&c=cxqlBB7xZxpxUPyCPizB/xe0fXE1n1 JJKinYZuTjDxKxPi0fqP4/Qp7ZBfz5S2i tI3BHQr4rbK aL9zEby/XFrfgmguHaJO0r7c5mq0gAkVNbLEJGqhxVZ AYUNin4azT XvmGpy3xc4AL6RPMgEt1yjc7uf44YOH5OO7v1dI=&e=0&fallback_url=https://secure.innodl.com/.../videopad-video-editor.exe

temp:vpsetup.exe

http://www.bitstagcontent.com/hAbiibBTihYnvrZokQthP7koSLtWt52YNw7OmH9rVtb1vAB_BpmVKJb7HlO 6iHSyUTKv9 srJRAjG5TZe TbUstoy0r8p4j__ncpiW8W04NLt8GAUIS3uJ_X9qJELvulnPi_98RVc9gZAzZLtbskRWc9Wk3n2_Am3B4c13va5j8eZTNBURJs8wKp7Qn4m2isUoXZtog-GzAAAEQ3hjGpvGIM68LDLsSQSSTSF7aBuLGiSGskTotGuslVY7YYDw==

http://www.appsfactorycurrent.com/Le_aOuEonhpyNuJFDG3zd 0Q He4XP4AybY RavY5hk_xgaIefHRGcgNY06ep2CQXfiVzC52fpKdOQCVxotXBrAZSWadUk7cSsrrgUH6vc_lMq YKFgL7TSPj7M2pZfDG1veUh4cj 1r2Hl_Xh355ALtV57ShmJfzl6hvFCoPZD4dYLCgbolvBJlBN8MKYGqQFK54iHR-G1wAAGRgnq2tSW7wRdiAA5dwsO0BB7RhY wMQQhH2d7v yWYX2i_Xm_TuchlDiu99xMIAhOe0Pyf5ddbZFDM7rotz0Jqct86Fjy05vQDZhElGAQjcZJAAA==

blob:http://sd-web.softonic.com/36a213d7-7508-4c0a-8369-5e6fdd910383

Scan vpsetup.exe - Powered by Reason Core Security