home

appmanagersetup_1.45.exe

Well Known Media Ltd

The application appmanagersetup_1.45.exe by Well Known Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is typically installed with the program FileHippo App Manager by FileHippo.com. The file has been seen being downloaded from filehippo.com and multiple other hosts.
Publisher:
Well Known Media Ltd  (signed and verified)

MD5:
3a735dfc19f44fd2cb854b344b23c49e

SHA-1:
54dd2ab163ea4efa0ac5a4f172b812eecc8a3720

SHA-256:
0bf2fe1375f48a870772a4593cd34158ca910c5f39d7a93723488b069da38838

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 4:13:00 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Installer.WellKnownMedia.T
14.12.11.8

File size:
498.8 KB (510,776 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\appmanagersetup_1.45.exe

Digital Signature
Signed by:
Well Known Media Ltd

Authority:
Thawte, Inc.

Valid from:
11/28/2014 1:00:00 AM

Valid to:
11/28/2016 12:59:59 AM

Subject:
CN=Well Known Media Ltd, OU=FileHippo, O=Well Known Media Ltd, L=London, S=England, C=GB

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
65857DF98CF56A13805D20AF7078FA00

File PE Metadata
Compilation timestamp:
2/24/2012 8:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:oEhgF7b2tBrq+LI1fTRTtxDrCptN8AAdeoOdWLwf9:ocgFfgc1Ttbronhd8E

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

The file appmanagersetup_1.45.exe has been discovered within the following program.

FileHippo App Manager  by FileHippo.com
Publisher's description - “The FileHippo App Manager will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases. These are then neatly displayed in your browser for you to download.”
filehippo.com/download_update_checker/58783
50% remove it
 
Powered by Should I Remove It?

The file appmanagersetup_1.45.exe has been seen being distributed by the following 50 URLs.

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://fs33.filehippo.com/8059/.../AppManagerSetup_1.45.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://www.filehippo.com/download/file/.../

http://fs41.filehippo.com/9349/.../AppManagerSetup_1.45.exe

http://filehippo.com/download/file/.../

http://fs11.filehippo.com/6004/.../AppManagerSetup_1.45.exe

http://www.filehippo.com/download/file/.../

http://fs40.filehippo.com/1482/.../AppManagerSetup_1.45.exe

http://filehippo.com/download/file/.../

http://fs31.filehippo.com/3940/.../AppManagerSetup_1.45.exe

http://fs34.filehippo.com/8315/.../AppManagerSetup_1.45.exe

http://filehippo.com/download/file/.../

http://fs33.filehippo.com/6705/.../AppManagerSetup_1.45.exe

http://filehippo.com/download/file/.../

http://fs36.filehippo.com/8809/.../AppManagerSetup_1.45.exe

http://filehippo.com/download/file/.../

http://fs34.filehippo.com/7510/.../AppManagerSetup_1.45.exe

http://filehippo.com/download/file/.../

http://fs31.filehippo.com/6218/.../AppManagerSetup_1.45.exe

http://filehippo.com/download/file/.../

http://fs13.filehippo.com/8511/.../AppManagerSetup_1.45.exe

http://filehippo.com/download/file/.../

http://fs40.filehippo.com/4254/.../AppManagerSetup_1.45.exe

http://fs31.filehippo.com/6362/.../AppManagerSetup_1.45.exe

http://www.filehippo.com/fr/download/file/.../

http://fs40.filehippo.com/2434/.../AppManagerSetup_1.45.exe

Latest 30 of 99 download URLs

Remove appmanagersetup_1.45.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.