fbvdupdate7.1.exe

VIDEO TECH PRODUCOES LTDA - ME

The executable fbvdupdate7.1.exe has been detected as malware by 23 anti-virus scanners. It is a setup program used to install the application. The file has been observed being downloaded from goo.gl.
Publisher:
VIDEO TECH PRODUCOES LTDA - ME  (signed and verified)

MD5:
9840d797f525eb28986014c359c5bd02

SHA-1:
a3fe89c116a40fef584b85e44a85fceaf885cfba

SHA-256:
ed74fa7d691622c40e57c2b8edbc12c182bc4bbd56ec862dfcc8663f6d2cf44a

Scanner detections:
23 / 68

Status:
Malware

Analysis date:
4/16/2024 8:28:31 PM UTC  (today)

Scan engine | Detection | Engine version
Agnitum Outpost | Trojan.Agent | 7.1.1
AhnLab V3 Security | Dropper/Win32.Dapato | 2013.11.23
Avira AntiVirus | TR/Spy.1420768 | 7.11.115.42
avast! | Win32:Febipos-D [Drp] | 2014.9-140722
AVG | MalSign.Stolen | 2015.0.3406
Bitdefender | Gen:Trojan.Heur.wrZ@Iub00daO | 1.0.20.1015
Comodo Security | UnclassifiedMalware | 17317
Emsisoft Anti-Malware | Gen:Trojan.Heur.wrZ@Iub00daO | 8.14.07.22.08
Fortinet FortiGate | W32/Dapato.DEWW!tr | 7/22/2014
F-Secure | Gen:Trojan.Heur.wrZ@Iub00daO | 11.2014-22-07_3
G Data | Gen:Trojan.Heur.wrZ@Iub00daO | 14.7.22
IKARUS anti.virus | Trojan.Win32.Spy | t3scan.2.2.29
Kaspersky | Trojan-Dropper.Win32.Dapato | 14.0.0.3523
McAfee | Artemis!9840D797F525 | 5600.7062
Microsoft Security Essentials | TrojanDropper:Win32/Febipos.D | 1.163.1557.0
MicroWorld eScan | Gen:Trojan.Heur.wrZ@Iub00daO | 15.0.0.609
NANO AntiVirus | Trojan.Win32.Dapato.clzunq | 0.28.0.56316
Norman | Febipos.G | 11.20140722
Panda Antivirus | Trj/Genetic.gen | 14.07.22.08
Trend Micro House Call | TROJ_GEN.R0CBC0DKH13 | 7.2.203
Trend Micro | TROJ_GEN.R0CBC0DKH13 | 10.465.22
Vba32 AntiVirus | TrojanDropper.Dapato | 3.12.24.3
VIPRE Antivirus | Trojan.Win32.Generic | 23636

File size:
1.4 MB (1,420,768 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\fbvdupdate7.1.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
7/1/2013 9:00:00 PM

Valid to:
7/2/2014 8:59:59 PM

Subject:
CN=VIDEO TECH PRODUCOES LTDA - ME, O=VIDEO TECH PRODUCOES LTDA - ME, L=Florianópolis, S=Santa Catarina, C=BR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
75BF24911D0DEAA1302738F5948159B1

File PE Metadata
Compilation timestamp:
10/25/2013 12:02:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:3Xp9Q3PoX2RnbbMvO1KDkEUWYAS/bHx7JnURxca5btP1HcNITAnVWZB3SFdthrs:p9E7pbbMvO1p/LLKcOZP1IiAnVWZBWt2

Entry address:
0x258000

Entry point:
EB, 03, 82, 66, A9, 50, EB, 03, 13, A1, 07, E8, 14, 00, 00, 00, EB, 02, 25, D1, EB, 05, F1, B6, 28, 2C, AB, 33, C0, 70, 51, 71, 6C, EB, 01, 1C, EB, 05, 13, BC, 9C, BE, 46, B8, 21, 48, 9F, F6, EB, 03, 30, 74, 4E, EB, 05, FF, 19, C7, 40, 22, 05, DF, B7, 60, 09, EB, 02, C7, 2A, 75, 46, EB, 03, 05, 71, 22, 64, FF, 30, EB, 05, D0, 93, 2D, 82, B7, 64, 89, 20, EB, 04, 3E, C8, 21, BB, EB, 04, BF, 93, E1, 08, 8B, 10, EB, 04, B9, 13, 83, C8, 64, 8F, 00, EB, 05, 8F, 67, 09, A7, E7, 83, C4, 04, EB, 05, F7, 41, 90, EB...
 

Code size:
110 KB (112,640 bytes)

The file fbvdupdate7.1.exe has been seen being distributed by the following URL.
