freeytd_setup.exe

Free YouTube Downloader

HOW Inc.

The application freeytd_setup.exe, “Free YouTube Downloader Setup”, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from getyoutubedownloader.com.
Publisher:
HOW Inc.

Product:
Free YouTube Downloader

Description:
Free YouTube Downloader Setup

MD5:
6d86523a0fa8a660c6fcb8c93277dfd8

SHA-1:
55757904081cab140d5cd31e6a52762311dcc700

SHA-256:
fa93eeae43296c30798e4a50df3c9ff9c89b28d06549512ee6f9b1c82c6ff320

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 12:57:12 PM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.How.FYTDownloader.Bundler (M)

Engine version:
16.8.9.12

File size:
1.5 MB (1,547,560 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:wQiml5k546zGHIBboI/fuhqTjtE3Inet6i7BsttbJQ80/MQx4IV7P8QFcx:w9ml23yoCI/PftE3met6i7qJ3JQx4MLC

Entry address:
0xA5F8

Entry point:
81, FB, 2B, 51, 00, 00, 71, 02, 0F, CE, 52, 68, 8A, D8, 3D, 00, F6, D9, 69, D6, A1, F0, 37, 94, 0F, CD, 81, FF, E4, C6, 00, 00, 72, 02, 8A, C8, 8D, 33, 86, ED, BD, B5, 01, BB, 8E, 03, C6, 69, CE, 0E, F4, 14, 5D, 87, DA, 8D, 35, 0D, EA, BF, B7, E8, 34, 00, 00, 00, 85, FA, F6, D9, 78, 0A, 69, C8, FF, C1, C5, C6, FE, CA, 8A, EC, 85, DD, 0F, B6, CB, 08, F9, 8D, 6D, 00, 80, FC, 3B, 8D, 5D, 00, 89, D8, 8B, D3, 88, F9, 52, F7, DE, 5E, 81, C2, 4B, F7, B4, 0B, 88, C4, 8D, 3E, 34, 7C, F7, DB, FF, C9, 3B, EA, 59, F6...
 
Entropy:
7.8541  (probably packed)

Code size:
39.5 KB (40,448 bytes)

The file freeytd_setup.exe has been seen being distributed by the following URL.
