home

ejay_videoandmusicexchange_downloader.exe

Download Manager

Yelsi AG

This is a setup program which is used to install the application. The file has been seen being downloaded from downloader.ejay.com.
Publisher:
Yelsi AG  (signed and verified)

Product:
Download Manager

Version:
1, 3, 2, 3

MD5:
ccbc0859975e14a771726cd23d9acab9

SHA-1:
fecf222210d0c740ef529c34e530ca8635d9fab9

SHA-256:
e9d13d77b6ce1e94382e396b205adc0159a096d0aa138342a5c6ffc86a98526d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:18:13 AM UTC  (today)

File size:
949.8 KB (972,592 bytes)

Product version:
1, 3, 2, 3

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\downloads\ejay_videoandmusicexchange_downloader.exe

Digital Signature
Signed by:
Yelsi AG

Authority:
GoDaddy.com, Inc.

Valid from:
8/27/2010 8:00:32 AM

Valid to:
8/11/2011 8:59:03 PM

Subject:
CN=Yelsi AG, O=Yelsi AG, L=Walchwil, S=Zug, C=CH

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
4E8515AB628DA3

File PE Metadata
Compilation timestamp:
10/25/2010 7:47:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:JmvuiNxalIaDtxk7C/ChqQxFgR4/Un8pH+ZGi5ZkgevC:JwuijalIUk7C/ChqXR7Gi5ZVuC

Entry address:
0x4DA8C

Entry point:
B8, AC, BB, 69, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 83, F1, 80, 7F, 2C, 37, 64, D4, E8, 2A, F2, A7, 4F, D3, CB, B5, 0E, D0, F0, AC, 9B, 9B, F0, E1, 21, 03, 90, 1F, BF, 47, D2, E6, 93, 8B, 37, B7, 0F, 45, 02, B2, BB, EA, 5C, 25, 32, 1B, 17, 8D, 11, FC, 9E, 15, 38, AE, 66, 82, 69, 14, 91, 3E, 82, 2B, F1, 20, 39, AB, 14, 67, F9, BC, 3D, 30, 0C, C0, D5, 75, 18, 2C, 01, 8C, 0C, 0D, 2A, F6, E1, F2, 95, 7C, 8A, 67, BC, 07, D1...
 
[+]

Packer / compiler:
PECompact v2

Code size:
1.7 MB (1,810,432 bytes)

The file ejay_videoandmusicexchange_downloader.exe has been seen being distributed by the following URL.

http://downloader.ejay.com/deploy/.../ejay_videoandmusicexchange_downloader.exe

Scan ejay_videoandmusicexchange_downloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.