» freeflvconverter_7.13_sien4_release.exe
Overview
Analysis
File Details
Downloads (1)

freeflvconverter_7.13_sien4_release.exe

Denco Limited

The application freeflvconverter_7.13_sien4_release.exe by Denco Limited has been detected as adware by 0 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from vzbucket.appscion.com.

File name:

Publisher:

Denco Limited (signed and verified)

MD5:

6aa38ee84fc061e5ab626b15c2e1b519

SHA-1:

5b7a57b9814b55e185b645e93818bd5f8876f916

SHA-256:

760fb4da2d02c260882ab7cb4abfd695d9b184a2c8ac516b01ca63a562f50fe5

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/1/2024 3:56:08 PM UTC (today)

File size:

1.3 MB (1,338,408 bytes)

File type:

Executable application (Win64 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\freeflvconverter_7.13_sien4_release.exe

Digital Signature

Signed by:

Denco Limited

Subject:

CN=Denco Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Denco Limited, L=Hong Kong, S=Hong Kong, C=HK

Serial number:

570F3954FD8AC2184E29E83063A4482B

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

24576:TNqNvFn7Wu/mAZ2RK+jIn1Wf5sbixBPn5JkK1/mYZ2REAUIJyWX:TMvlWu/xZ+KkIYf6bixOK1/nZ+EHIXX

Entry point:

81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 1C, C7, 44, 24, 10, C0, 8A, 40, 00, 89, 5C, 24, 18, C6, 44, 24, 14, 20, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, AC, 80, 40, 00, 53, FF, 15, A4, 82, 40, 00, 6A, 08, A3, 18, 36, 45, 00, E8, FD, 28, 00, 00, 53, 68, 60, 01, 00, 00, A3, 28, 35, 45, 00, 8D, 44, 24, 3C, 50, 53, 68, BF, 8A, 40, 00, FF, 15, 70, 81, 40, 00, 68, B4, 8A, 40, 00, 68, 20, F5, 44, 00, E8, 27, 26, 00, 00, FF, 15, A8, 80, 40, 00, 50, BF, 50, C0, 47, 00, 57, E8, 15, 26... 
[+]

Entropy:

7.9788

Packer / compiler:

Nullsoft install system v2.x

The file freeflvconverter_7.13_sien4_release.exe has been seen being distributed by the following URL.

http://vzbucket.appscion.com/FastFreeConverter/.../FreeFLVConverter_7.13_Sien4_release.exe

Remove freeflvconverter_7.13_sien4_release.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.