home

ffmpeg.exe

Hipgnosis Vision

The application ffmpeg.exe by Hipgnosis Vision has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Hipgnosis Vision  (signed and verified)

MD5:
bc9b43806260e385d59bbe83c9edad2e

SHA-1:
02a225ad9fd9bd50209f7ac5018b8d01a826cded

SHA-256:
d2238f896f31f39f448a17af8c3cad7e8f72de088ae771f303b382e4dc635cde

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/19/2024 7:03:17 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.HipgnosisVision (M)
15.6.30.1

File size:
15.8 MB (16,528,888 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\android video converter box\tools\ffmpeg.exe

Digital Signature
Signed by:
Hipgnosis Vision

Authority:
VeriSign, Inc.

Valid from:
2/11/2014 1:00:00 AM

Valid to:
3/14/2015 12:59:59 AM

Subject:
CN=Hipgnosis Vision, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Hipgnosis Vision, L=Craiova, S=Dolj, C=RO

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
67706B72437E415E8AB76B9C4C85261D

File PE Metadata
Compilation timestamp:
10/2/2011 4:32:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.21

CTPH (ssdeep):
196608:dqnGvyyY1VSb00rctCu6NapQLgQONHyWwI25BpyLkdIQ3h7A/Qg2mz+RZO4cao5M:gybceadwFpWjldDC1RXmpdun

Entry address:
0x14D0

Entry point:
83, EC, 0C, C7, 05, 00, 68, 92, 01, 00, 00, 00, 00, E8, 8E, 1F, 5E, 00, 83, C4, 0C, E9, 96, FC, FF, FF, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, A1, 50, 13, FF, 00, 85, C0, 74, 3C, C7, 04, 24, 20, 20, FF, 00, FF, 15, F8, C8, A1, 01, BA, 00, 00, 00, 00, 83, EC, 04, 85, C0, 74, 16, C7, 44, 24, 04, 2E, 20, FF, 00, 89, 04, 24, FF, 15, FC, C8, A1, 01, 83, EC, 08, 89, C2, 85, D2, 74, 09, C7, 04, 24, 50, 13, FF, 00, FF, D2, C9, C3, 8D, 76, 00, 55, 89, E5, 5D, C3, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90...
 
[+]

Entropy:
6.1932

Code size:
11.8 MB (12,341,248 bytes)

Remove ffmpeg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.