» ytd.exe
Overview
Analysis
File Details

ytd.exe

YTD

Pepak

The application ytd.exe by Pepak has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

ytd.exe

Publisher:

Pepak (signed and verified)

Product:

YTD

Version:

1.43.0.1107

MD5:

d6341e66593fcd69cfc184ef0de545dd

SHA-1:

89478ba233af54020bee1046bb06f1f427771110

SHA-256:

e0e916d06162adbcebc6de147721e390cd194d6956cafe51ad4c59452886e2b9

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

12/26/2024 9:56:41 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Pepak (M)

16.2.22.12

File size:

1.3 MB (1,319,864 bytes)

Product version:

1.43.0.1107

Original file name:

ytd.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

Pepak

Authority:

Pepak (root CA)

Valid from:

1/30/2014 8:51:44 PM

Valid to:

1/30/2015 8:51:43 PM

Subject:

CN=Pepak, E=http://www.pepak.net

Issuer:

CN=Pepak (root CA), E=http://www.pepak.net

Serial number:

B377576699E3CF924F96A97B44BBE215

File PE Metadata

Compilation timestamp:

8/14/2014 7:10:05 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

2.25

CTPH (ssdeep):

24576:AblBqdE+CwgXYnh5QGnDqM9SkNTb6ySn4xqNVedOrtx0T:thCih5QGZNnHMrto

Entry address:

0x10838C

Entry point:

55, 8B, EC, 83, C4, F0, A1, 4C, 93, 51, 00, C6, 00, 01, B8, 38, 4D, 50, 00, E8, E0, 0E, F0, FF, E8, CB, E9, F7, FF, E8, BA, D1, EF, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.3568

Developed / compiled with:

Microsoft Visual C++

Code size:

1 MB (1,077,248 bytes)

Remove ytd.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.