ytdsetup.exe

YTD Video Downloader

GreenTree Applications srl

The application ytdsetup.exe by GreenTree Applications srl has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.
Publisher:
GreenTree Applications srl  (signed and verified)

Product:
YTD Video Downloader

Version:
5.8.2

MD5:
555a29afbc6bb53ea31393c69ae77b2a

SHA-1:
49f0bcd97a96770471c68239383561293f365f7a

SHA-256:
46735ac9e0352aa4f897c0f386543f6433ab879179a5680b500f752e3079fb89

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
This is part of a Greentree bundled installer, which includes various adware, toolbars and co-bundled potentially unwanted apps pushed to the user upon setup.

Analysis date:
12/25/2024 12:25:58 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.GreenTree (M)
17.3.16.4

File size:
9.9 MB (10,333,000 bytes)

Product version:
5.8.2.0.1

Copyright:
Copyright © 2007-2015 GreenTree Applications SRL

Original file name:
Uninstall.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\ytdsetup.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
11/18/2016 2:06:38 AM

Valid to:
11/18/2017 10:32:14 PM

Subject:
CN=GreenTree Applications srl, O=GreenTree Applications srl, L=Bucuresti, C=RO

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00E4DCCA9CAF287A4D

File PE Metadata
Compilation timestamp:
2/25/2012 2:19:59 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x39E3

Entropy:
7.9991  (probably packed)

Code size:
28 KB (28,672 bytes)

Remove ytdsetup.exe - Powered by Reason Core Security