home

bdcam-setup.exe

Bandicam

Bandisoft

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.capitalvaultsbits.com and multiple other hosts.
Publisher:
Bandisoft  (signed and verified)

Product:
Bandicam

Description:
Bandicam Setup File

Version:
1.9.0.397

MD5:
0d3fc086cd1081c886d39382ebdac4ad

SHA-1:
9b220353e73763c2b13dfe6ad192775f56406f36

SHA-256:
7fb5c89d614ab30d507b19778fa8df6752ae4a2c339814869ed11e68cdbd0e8c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:09:58 PM UTC  (today)

File size:
6.9 MB (7,230,600 bytes)

Copyright:
Copyright(C) 2009-2013 Bandisoft.com, All rights reserved.

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Digital Signature
Signed by:
Bandisoft

Authority:
Thawte, Inc.

Valid from:
11/23/2011 8:00:00 AM

Valid to:
2/22/2014 7:59:59 AM

Subject:
CN=Bandisoft, OU=Dev Team, O=Bandisoft, L=Yeongdeungpo-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
233BBAFCE994EC7FE8D2CA568F2AB64B

File PE Metadata
Compilation timestamp:
4/10/2010 8:19:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:2cAgkGCnni5a/4weR7d0/iqAmoSUu0I4Eun9k1sHqf:2MkGai5Q4XBd015U5IVun9qf

Entry address:
0x33E9

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 70, 85, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 78, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, 90, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 6C, 85, 40, 00, FF, 15, 80, 81, 40, 00, 68, 54, 85, 40, 00, 68, 80, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B0, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

The file bdcam-setup.exe has been seen being distributed by the following 50 URLs.

http://www.capitalvaultsbits.com/Uq7Z5_PuSnmGIZxxaCADVb5fcEVuVcxRK0QRMglAi2DFWySP35pr24DG9BloQqOwIyQYZk4rRXkHDG1pE5w419u zwDIJt6Ko pvMC9BnDhGQ5DuJLCcYufTcCMcejXvxnPW_IqypbUD28DKaBxsAnbxUcVFCh zJXrn07edh1Dp2ts_yZ5 5EuuqR2BwFE_0JjLfgq8DPYUyYc1CFcRELYRgx AFA==-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.capitalvaultsbits.com/Xy9fMi5e00LM9lqMbUgmu3ODZxkcFugXP247WUXRFYM094R7cS9g4ffxsRggl0g7aMdzTsXXSK6r6q 399BmIukcJ59XasgsIQ9scgPSX2Y96TY7iqgblFk3gE4l7X 1yHyw21M41D3AamWivTFM8_dSeron4gGvlQwt2B6teKAV5RkFYRt t2KWPrLgz8uDY7vTP1jrzplKjri1z2KdfgbcezBwOg==-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.capitalvaultsbits.com/7tYDd8BQdsuXPtcm2nbgi6hTDRi4EXIYurfhfqcU3FP0tso4zKd9DF8Q7UdPo38MNT6FtILq1ZLcktyI1BLS1l7vCAu3LtOxEMnPAzeHiEUV1NDLElBYVoFhg SLp_MxhKUDgS8RmWklndWWTYU6Oz15DbF39nNqOwc1LtctnBDpiJu tD338x9fhJBqK7MRR81szwznEFt__Q5OnnnrOzFrjmdmVA==-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.capitalvaultsbits.com/N3PfNbdFo_TotytTtEBShgXtTllFDFmFk6vsR1irPbXjzFk53RpXzjkP UQDugZaCS1shB0MBKENkCKdkY4l3lEcagBjkqgK_qvP82H028FDQIeiuJYxeoX_8yqR80zRDrfgh26moEcXDYo pSKNt3MmkyYlqCpdIQRONwNFFYcikWCjUp_OpBn3fBcjxc1vtExK_qu-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.ranchsignbundle.com/gys3pa9VMSLk1fe3kg1s3YMCKFSTYEQtEyF4j5iije4abCZWFgBs r V9Da1oRrk0_320cBg5q27Yd5yW1V8PKHJ4te8VXoLWSnM46AzPVn2i6xfCOpCfKp1JDgX_BpXiSQFew1X9WpdXPnX fkszhpbcrTCxGfqf2K3R uNaNYNMWGisVg=-Ow==

http://www.capitalvaultsbits.com/Wl pwLamXmFNxbSmRfifSgfXwtWKSe4torqFQD85umHwIIhVEPtQn1ogviEcmgxzClZesvFU6IQ1rpn9I G5SCrqeNjDYS_nt9RPhkTUwSOYhAxMDiqumbFrAkho3cGutdvp2X8_wqHuGq EjytkS5fDE0FPqrfb9 01xfDLwpljzyefVL 4N_VBo63qZaDAXVPuut37-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.tourdeliveryuniverse.com/7hmMrbArm7TtQgZmMTXjyLpaSOzbBrqTS65OPOt9IArJLrBKV6DIObipkJguSALpe3uf5HZcINNZTNWuDqpHT8kqOdwkQdwAJ0OvwFyUTDeIOng0sQdEwtZTmf YzgwznAd_WjX00oAmhr3klACGsUxyW qGkE1xZ7zmUwgnaTonAKuODZ PMvsf8q8YqPfKX4mpZp7u5UeJZrtprCAV 0TbKLTziw==-GzsAAETdFtsfHtPUgUUY7KKwAQduiTQNg8GNbdynu1tLxBXNxLMQ6EFMwMuxJo7ZV8FP

http://www.capitalvaultsbits.com/pPI2VQsu5ujexL66Im9vF2 b1olUGkhUMzCz965xKKHUyN8NFRYu5K0MEJAZLGXRhLPmONWnxbG2NrVfGg2eYah1GY7AmYK9v02SE_u9uMjyi9PjfYyO9o8VWHet6J6WdiPibddAkx wmbZSuwuzLt3LDnl2s3WacZiBF79pR YY_LhEGWPj58lzQqBy 3fcwsXE9PqQjHLLyx4_H4DhJ9PHeZNmPQ==-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.vaultflashapplication.com/o3xw1Fp5ghcJS6kad1dgNjNNArDSQdY8bd2v_JyHOqBBd5Ay z5HBwBPuf6j7pqfAX3zXN vOi1S9UKqBZ Nq5OvBJoafhliLR04z0z08GgniXVwqSHvn11f66oJ3zwlk_Q_FrnBUb51yc7yPsK 0FVQLfvDtHHLCSfKUwpCPSZPwE1 fqQZR0N2fsMcNI30G_JnBcS_-Ow==

http://www.ranchsignbundle.com/ajuMAIt9Y4jng onBHgl4dZRfrOA8Q_QmPBwmNThGdAonYUX__59A6HUKjrelWFDd6gfmJiLEAQ5EwLgkDzOG7RZ20JatXcfCeqzCrp2dm42s51RLMKkmY1QP58GWgGMJZ JqHvGM tzQQtrc2TAj0J ZRkgu54joYndsla_nbXGh4Ts_Uc=-Ow==

http://www.capitalvaultsbits.com/c?x=ACK1HXKOGeRcaIDuyzUsOWljdyVKSnSpqqk9PlBnkNo=&c=YRgO12v/GHm5usFlEYY W 9D282l5ffzaRksbK5/MSxDwak8ijkBACjhsztRnCYQpgAoHy7bcCZTcrxxYnQY5uRU/dGJTcuwwEI erN67J7IiHMixJLbO5YKLOe64Bpa&downloadAs=Bandicam Setup.exe&fallback_url=http://cdn.darwendlmfilesnow.com

http://www.capitalvaultsbits.com/c?x=yH2j1a/rlbjd00eKtb9CvV56oiewkXREP4HE64g8zEw=&c=7kNebAABS4WtEsr3QoIx2n0bMiEbb76k3mmIQb9Rju1oFB5sB2E8CUN6JKR//exiKxD0VsO7Xla1C784s8x2xNltxCAcIObOpv LuxpTYbzuAWSCIbKcT8BmBOfaZBZGNx6pjUp1DZQc0ma3sPfROqfxwwNgZQS3FkoUza4cts8=&e=0&downloadAs=Bandicam Setup.exe&fallback_url=http://www.downloadfree7.com/ic/.../index.php

http://www.capitalvaultsbits.com/AdYwJtTmSMSCxIAyr16tObDXgg4mf5fesIlN4SR8Wd12EhFZUYUA5PDdAv VRTN5bqOlwnCnQnSZxAvFX9WVL1fHV8zyHYwrJzevsDH6wWBJV1hTLbqWvAEfP5WZUVRbK MWKpP 6V9YbF6wCOStFMi9xHXkL8ZEM65 6bolNRqgLkSvazibDntDvF0yqi3vX01gW5PsKNwkGmCRS1VkDCi evugeA==-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.capitalvaultsbits.com/BGqrJUZHQzYyY9u18DECmFRXP f2NbHIVx0twYLAbvfvFGO9ZSV neEyayRTp7EVf8sFX2L3rQL3Lo TKbJXZoSX80qiO4X0LNqwh474iCxMtDf43U6N0 lpavGCS7vHRCsanYx3K9ccK1 QOuO DoK9bd1zq_btYpdebdoRnUx01YPR b9dVU1yTOGrxx5FvXmWKm1rfOoGMYmj3JUbLTIV9AYfkA==-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://gsf-cf.softonic.com//9b2/203/.../file?id_file=321431&channel=WEB&instance=softonic_en&type=PROGRAM&fdh=yes&SD_used=0&Expires=1380416498&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=MiqrcJgwxzMnrJ8S8l2RSLIu81rZaKMwlgL06EmDL9fcq6N6PBnYZpQjwW7B9BqPtmbZgzFp2iV9KHaO-1k~pm9o802j~efKMK8Hncarlp-6N4xbdeMc~xuhqWYC9Q9SSR5j13EjJ0QNOG8nsKyCg0BknQShVTetunqkuQudbLM_&filename=bdcamsetup.exe

http://www.capitalvaultsbits.com/vItBSRoprH_4sKEkPQWzVmdCtXxr2REcYmG0YnFa 8z6A1rKn1eoxHGxGJVDCtAZs0mM_PkZEk3ud3XJYgpLdFRTJEfJNYsdHUFBv1H4 MKxc4up24k0HG7R9ARTmkwNDVrB2RKHb2IQGdu6ZqhiRIPCzeB_n2B5h_eoYyDLfZfz0G5Xb2tOgOXTpva9iymvi8O95DrO2xo vugkC_iBv9JfztAMmw==-Ow==

http://software.thaiware.com/download_url.php?id=1103

http://www.ranchsignbundle.com/GGuDrXlgLePdUWPjCVbLlFOjFthNXQbRpwRLQ3KNSZKnzxWfRublTAiod5SeLAu6s7eIS5kKPgJkUz6TufQP_OA nAw7DDbdFKK2i3LABXy7O1HEFTGD2 pJk6lYbIFfO42ugOQdccbfjsq3jug5A9WIftE2TAN0WZ8n1XDg4WNjsOqa_sc=-Ow==

http://www.capitalvaultsbits.com/WVl6OTRQVWRYZDA4NWF6TTNVM0JQWTA5ek5FeHZUR0oxVVZnMWFISmhNVVpvVkhoaWFUaFFZbTR3TkdOV2JtOGxNMFFtWXoxNlRXSjZVSE5XYlRNMFlVeElZbkZFWVhNd2VEbHVjblI0UlVNbE1rWllPWEYyVjJsbE1GTkxiRVZTVEUwbE1rSkJZbmxWVDFONk5IRjVOalFsTWtaVFNHdGpaalJGYjJ0S1NsUnBhM1JJVFdNNGJtUllRVmRVVW5Bd1JtUkZKVEpDY2pOcFR6aHlTazVrU1dSVGNrZEtkRFpPY1VJME1sYzNURXRXV25sMmVHaDNOamc0TlhkTEptUnZkMjVzYjJGa1FYTTlRbUZ1WkdsallXMHJVMlYwZFhBdVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdkM2QzTG1SdmQyNXNiMkZrWm5KbFpUY3VZMjl0SlRKR2FXTWxNa1ppWVc1a2FXTmhiU1V5Um1sdVpHVjRMbkJvY0E9PQ==

http://www.ranchsignbundle.com/WVl6OTRQVGhCUTJKQ1VtTllORzlVU2xJbE1rSXdTVUV6TlVwTVJtUTRjMmgwYVhGbmEwUTBUMlJvWWlVeVFtWlhSRlZWSlRORUptTTlkMmMyZEVGcVlubHhSRE5PT1V0UGFuUlJTalZrUVV0c1JXRWxNa0p3U0doVlNEUkNkME5GVWpnMk5Ga2xNa1pTVUVvNGVFTWxNa1o2U0ZaTFNreGhaMk5UUm10MldHMHlWWEZCVlVkVVVVSXlTWEp1UWsxUWJrMVlVMDh6TkVNemNUZE5RbVpxVkdkR1QyeFhVRnBGVDI5WE1ubzJkblp3ZDNReVpFZEJXVGRoVFVWS1Z6VW1abUZzYkdKaFkydGZkWEpzUFdacGJHVjZiMjl0Y3k1amIyMGxNa1kwTURRPQ==

http://www.capitalvaultsbits.com/NYfcIQrFT0n3ov2WJo1WwARwJ0afgLX_ysZbIHQGVxFLQWYpYfGISHHiFTYlGGH aKaZ _uwMLFIpt4Q ppHRpWjXMUW2 t5haV_USqrIgL K0vORMd6Vu3K1ZU4nERRKCCSTJo5UeBIaqcnqjjOfjByFbr3fVnYQ3AzTVyFXjF55oC5_ uQgcGSZnp60HxHwpt q_af2Ptl06p1e29xEcCQ9Yohmg==-Gy8AAMRtbE7nFoc5IgkccsD LcqDe7Axdq6gRHlj4s H6ysZQfMRd5N2Cg==

http://www.ranchsignbundle.com/tprqUGz6oHHsj5lyZqLb3vPSClekIx4Jj_CNqhl40mZLfTzfrBNT7nbELgbWW2swcb Op7hmkPK3ERMvPw8ECzRwamTcMpk6SC0Hw8R7RysD8_nqbVYR5e3FJL7otDqRKgK08imTBGJMeHtAT C_ohB6q685 rHu3EZf4VlaYNoc0 sHAfY=-Ow==

http://www.ranchsignbundle.com/njxEomI v9Gt7nxV3HbvWTWyw 6yzxvbufPJPdAqmXa43KPGNxkyjnieUry7b3qwFgMLPz ceIyLfUTKxuPgJ_ereGbznScd6A3JOccgrTcNZp_ML1vgo9jAtn7dLeCJKtXJ5XkXWOqTUVGqY4bo8t26Wsjye38OmffaLx7sA7Fxqbw1Dcw=-Ow==

http://www.ranchsignbundle.com/nAGllE2KTHBVA8VVwilvpooZRDaX427XCkCptZHnbLou0bABZruvYwxKecvRlTT6gwauu0JIZZQCJ7ucXGuL9zCnQ8ZIeMn1 VBVsggGRV0KALY8tRkIQx4W9VosUw GUwnm65hPXqlliiArdKbO56Td7HHU4K2bEGw0KrknJ IbKP6Vk8=-Ow==

http://www.ranchsignbundle.com/Azp1l_qcjrL3ZTuCFgjKoHWKT1D3l2Uvs75DECOFNPw5phGgmF_WWf5l1meeMzhvFcMGX_vpFhsfBLHQSVKy8crmT96SVsRao5fF76j69ofB1Klo_0SEczZYwGtsN0Emw0EjeepKlXe7nPGsDJF2RfNBhZtnPqJ4OGjwyDDo_MXtsNsgWfE=-Ow==

http://www.capitalvaultsbits.com/lmLGEf4NXK2eWqLVhFImPvCLOPzy_dsykianzFxu8odcwj10BtLI5hwV58T3rRdtjOK0WUVpOCmzaIYUAFCjJceuin4p7C JJxcpUbotueQ8WiBwB6cH6PuLFvwdy71hKcDvoQmWEdJcR7d2qJhs SiaLhUvlGBetwAaUMOV3C_GtrCWrufv7ns4IrfHZIM7Mt3Uelhw-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.capitalvaultsbits.com/Ueh0ZH8OTGWC_FzuxxJUAcTfAn183fgc8Qh2wsPdDT_IDsGcO0VEWm0PDzqpkCiFXTivpXJt6Is6DuO3XHHwykvSTv1jOTUekGzulvuTfzoqGeBzlLWwK5HrqO0ufbMbER5WxY6Uewy3DUJUJMt86CqyQYhMvUREvIMmRReT0VdX6A0YFgrrD5B0A_qhA9mMhH9WT6sx-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.capitalvaultsbits.com/LRZwEakhCUUQv2Yun5uKQuiOmLKdW3LqrkPhomCF51PyS_PUtPIEU8ExjoTyPcD jdWX_9aRqr8ZgnkzGEcQfJTletNd3VM_m1Be bkCqJCA Q5t7pkgngtJ WaqSlvJek9yH t p1i7M57wF489Yj9GvtSM22POG8N2wouGNyL14iiyQDROFPguVqYZCvuG3C5tPlpB-GywAAARycWgNQupeGnQNHHLA_u0J5IkEG2PnCkrkGxM_sOviZeQ4MzfIZgM=

http://www.ranchsignbundle.com/F7UWa9y2GF1wdJtTqhDO4jef06yq_nrGWw1WLgU4IIkZta2mw9bY0BrhE2HwanySeAJsHOsAlkxFy lS7qCmQcZ93wq6vsb4KEB9gmDeJkuaNCybfswsMCT7SekRi6YhmMkE7X3_avUyLjA5Jzh1e3S77oSOL2_kvgezncgOoGsy7EqG6A0=-Ow==

http://www.capitalvaultsbits.com/vEWULiVx 1CskPsFZWtFoMdTPdpPiMeXVOP5LHhVerr5m4_BS9Nzz2Vh44qoFy3dA_zdAORDqcWAgF8CaR0enL0JLrkVzbjdCjYhErnEMKjBvvjyfZFGszohDwSDdNJY OsILszOhbjNsR9ZFA5_4oFLahbfZKMNFcWiZYwI_8 hfaHttUhtMWpIoXPiHP4q7_dAhh5G9XlN599zGLo4zpXGs5XnaA==-Gy8AAMRtbE7nFoc5IgkccsD LcqDe7Axdq6gRHlj4s H6ysZQfMRd5N2Cg==

Latest 30 of 99 download URLs

Scan bdcam-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.