fvd-converter-release.exe

Kuzma Safonov

The application fvd-converter-release.exe by Kuzma Safonov has been detected as a potentially unwanted program by 2 anti-malware scanners. It uses the InstallCore engine, which may bundle additional software offers, including toolbars and browser extensions.
Publisher:
Kuzma Safonov  (signed and verified)

MD5:
5c8d3661d24e0e34da36f748468c03e1

SHA-1:
4816043cc73e562da8fd6a6615d8494e6b45fec2

SHA-256:
4f65ed055e3f30ba597d9f8a81c114d1c9535d8cfa103328bba687e53cfe54a8

Scanner detections:
2 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/18/2024 11:20:37 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win32/InstallCore.BA (variant) | 9.7787
Reason Heuristics | PUP.KuzmaSafonov (M) | 15.7.1.3

File size:
1.3 MB (1,315,864 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\fvd-converter-release.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/15/2012 1:00:00 PM

Valid to:
2/15/2013 12:59:59 PM

Subject:
CN=Kuzma Safonov, O=Kuzma Safonov, C=UZ

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D5508D7420AEF0F616CAA5346E80B7E0

File PE Metadata
Compilation timestamp:
6/20/1992 10:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:4OHS7T5QQq2uQisgxOcbngb0aKFd9aydo7tkdEL0A4DfSew7Z4kb2353n6Y7/mfO:FPQq2uQisUi169aydo7Lz0SeEK3pn5z

Entry address:
0xCD440

Entry point:
55, 8B, EC, 83, C4, F0, B8, 98, A5, 41, 00, E8, BA, F4, FF, FF, FF, 25, 54, 61, 48, 00, 8B, C0, FF, 25, 50, 61, 48, 00, 8B, C0, FF, 25, 4C, 61, 48, 00, 8B, C0, FF, 25, 48, 61, 48, 00, 8B, C0, FF, 25, 44, 61, 48, 00, 8B, C0, FF, 25, 40, 61, 48, 00, 8B, C0, 53, 56, BE, E0, 55, 48, 00, 83, 3E, 00, 75, 3A, 68, 44, 06, 00, 00, 6A, 00, E8, A8, FF, FF, FF, 8B, C8, 85, C9, 75, 05, 33, C0, 5E, 5B, C3, A1, DC, 55, 48, 00, 89, 01, 89, 0D, DC, 55, 48, 00, 33, D2, 8B, C2, 03, C0, 8D, 44, C1, 04, 8B, 1E, 89, 18, 89, 06...
 

Entropy:
7.2215

Developed / compiled with:
Microsoft Visual C++

Code size:
837.5 KB (857,600 bytes)
