home

fastmediaconvertersetup.exe

FastMediaConverterSetup.exe

Applon

The application fastmediaconvertersetup.exe by Applon has been detected as adware by 14 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from an Internet Explorer cache folder. The file has been seen being downloaded from i.fastmediaconverter.com.
Publisher:
Applon  (signed and verified)

Product:
FastMediaConverterSetup.exe

Version:
1.0.27.0

MD5:
a9c7189f360680c5f832d23a134ef06d

SHA-1:
4af31519acd275f936cfbe5dfa333bdc293c5326

SHA-256:
86d0f8e804e6b8b4fa61936438e1b28cba19e22c1fb7a60f7ebf6903ecc608ae

Scanner detections:
14 / 68

Status:
Adware

Analysis date:
6/22/2025 2:29:09 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Generic.583602
1116

Bitdefender
Application.Generic.583602
1.0.20.75

Bkav FE
W32.Cloddfa.Trojan
1.3.0.4613

Comodo Security
ApplicUnwnt
17620

ESET NOD32
MSIL/Adware.StrongVault (variant)
8.9296

F-Secure
Application.Generic.583602
11.2014-15-01_4

G Data
Application.Generic.583602
14.1.24

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.2.29

K7 AntiVirus
Adware
13.175.10852

McAfee
Artemis!BA90A2097130
5600.7250

MicroWorld eScan
Application.Generic.583602
15.0.0.45

Reason Heuristics
PUP.Installer.Applon.X
14.8.8.0

Trend Micro House Call
TROJ_GEN.F47V1106
7.2.15

VIPRE Antivirus
MSIL.Adware.StrongVault
25464

File size:
354.5 KB (363,024 bytes)

Product version:
1.0.27.0

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\fastmediaconvertersetup.exe

Digital Signature
Signed by:
Applon

Authority:
COMODO CA Limited

Valid from:
8/10/2013 8:00:00 PM

Valid to:
8/11/2014 7:59:59 PM

Subject:
CN=Applon, O=Applon, STREET=44 Primrose Crescent, L=SUNDERLAND, S=Tyne and Wear, PostalCode=SR6 9RJ, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
61D4C21BAC72FFC01DD91677B59DA3E6

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:Ye34V6zxRkvzohX1H752IFV4+6BpjaXlgMdqul6VJYt8TPvSo3Jie5h:8636zohlV1IQhdq+6VJdvSre5h

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.8192

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file fastmediaconvertersetup.exe has been seen being distributed by the following URL.

http://i.fastmediaconverter.com/inst/software/.../FastMediaConverterSetup.exe

Remove fastmediaconvertersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.