» dvdfabdecrypter.exe
Overview
Analysis
File Details
Behaviors (1)

dvdfabdecrypter.exe

DVDFab

Fengtao Software Inc.

The executable dvdfabdecrypter.exe, “DVDFab - The ultimate DVD copying/converting/burning software!” has been detected as malware by 9 anti-virus scanners.

File name:

dvdfabdecrypter.exe

Publisher:

Fengtao Software Inc.

Product:

DVDFab

Description:

DVDFab - The ultimate DVD copying/converting/burning software!

Version:

3, 0, 9, 6

MD5:

2bb20dbab6debadbe7fb155da8e0b65b

SHA-1:

9c63491b27d8c46f8a6a05980c583d25e722cdad

Scanner detections:

9 / 68

Status:

Malware

Analysis date:

5/2/2025 1:14:55 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Agent.defq

7.11.124.238

Comodo Security

UnclassifiedMalware

17602

F-Prot

W32/MalwareF.NTYX

v6.4.7.1.166

K7 AntiVirus

Riskware

13.175.10814

Norman

Suspicious_Gen2.QQKWY

11.20140118

Rising Antivirus

PE:Trojan.Win32.Generic.1282C18D!310559117

23.00.65.14116

Trend Micro House Call

TROJ_AGENT.AWPW

7.2.18

Trend Micro

TROJ_AGENT.AWPW

10.465.18

VIPRE Antivirus

Trojan.Win32.Generic

25382

File size:

1.2 MB (1,281,536 bytes)

Product version:

3, 0, 9, 6

Original file name:

DVDFab.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\dvdfab decrypter 3\dvdfabdecrypter.exe

File PE Metadata

Compilation timestamp:

3/31/2007 3:56:36 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

24576:hQibTg6eAMbpW3R2AnmQtHgwkL8knzOMcBbIfIpmFqBq5myiDucb+13kbnk+Nh70:hQ8E6eJpW3EQtAB9VYoFgyoucwwnk+Ni

Entry address:

0x1000

Entry point:

68, 01, 40, E8, 00, E8, 01, 00, 00, 00, C3, C3, 95, D5, 73, 5F, 9D, 20, 53, F9, 75, BC, 26, 5C, 43, 02, AB, 0E, 2E, 6E, E3, 83, 67, E5, 25, 00, D1, 06, A4, 9E, 0A, 3B, F4, 76, 31, E8, 27, D0, 76, 46, D2, DD, 44, 2E, C5, F6, 51, AD, 58, E8, 01, BD, 4E, A0, E8, 93, 20, F7, C6, 1F, 51, 88, F9, 45, F4, 8D, D9, 3E, BA, 6A, B2, 8E, 1E, 71, D1, 69, 86, 75, BC, 50, F7, 08, AE, EB, 37, 5C, B4, 1A, 3C, 0D, 03, 67, A1, 16, 80, 8E, 19, 80, B7, 54, 3B, AB, CF, 2C, 70, 77, D5, 79, 15, 99, D0, 92, 54, 96, 96, 61, BA, A4... 
[+]

Entropy:

7.9776

Packer / compiler:

ASProtect v1.2x (New Strain)

Code size:

2.1 MB (2,232,320 bytes)

Autoplay Handler

Display name:

DVDFabDecrypterOnDVDArrival

Remove dvdfabdecrypter.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.