fytd_setup.exe

Free YouTube Downloader

Bonjoy (Verified Application Company)

The application fytd_setup.exe, “Free YouTube Downloader Setup Program” by Bonjoy (Verified Application Company), has been detected as a potentially unwanted program by 10 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars.
Publisher:
How, Inc  (signed by Bonjoy (Verified Application Company))

Product:
Free YouTube Downloader

Description:
Free YouTube Downloader Setup Program

Version:
4.0

MD5:
7c3ab0df36a5bbd0cf56b100ae4ca5d2

SHA-1:
a28b332f488fd6ad0cb92eacb100f73d3c052ef5

SHA-256:
1bc250bf208eacb71134a6b5ae65fb4a5be3ce48cf9dfbb93207a004c1bbaba4

Scanner detections:
10 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
4/19/2024 12:15:29 AM UTC

Scan engine | Detection | Engine version
Agnitum Outpost | Riskware.Agent | 7.1.1
Avira AntiVirus | PUA/OpenCandy.Gen | 8.3.2.4
AVG | Generic | 2017.0.2853
Dr.Web | Adware.OpenCandy.194 | 9.0.1.05190
ESET NOD32 | Win32/OpenCandy.A potentially unsafe application | 8.0.319.0
K7 AntiVirus | Unwanted-Program | 13.212.18529
Reason Heuristics | PUP.BonjoyVerifiedApplicationCompany.Installer (M) | 16.3.4.11
SUPERAntiSpyware | PUP.OpenCandy/Variant | 9363
VIPRE Antivirus | Opencandy | 46750
Zillya! Antivirus | Trojan.Virlock.Win32.28109 | 2.0.0.2628

File size:
1.1 MB (1,180,712 bytes)

Product version:
4.0

Copyright:
How Inc.

Original file name:
Free YouTube DownloaderSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\fytd_setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
12/12/2015 12:00:00 AM

Valid to:
12/11/2016 11:59:59 PM

Subject:
CN=Bonjoy (Verified Application Company), O=Bonjoy (Verified Application Company), STREET="510 Market St #301", L=San Diego, S=CA, PostalCode=92101, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0CBA100EB8A303781BAFC3DFA145B230

File PE Metadata
Compilation timestamp:
8/19/2015 6:26:10 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:5Hv7bHHBS8gWBIIVTwNP3a0q7VafNoGm8OlhcaGA:ZfrgWCeTwNCfUf+GQ77

Entry address:
0x575E4

Entry point:
E8, 75, 98, 00, 00, E9, 79, FE, FF, FF, CC, CC, 68, C0, 71, 45, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, B8, A2, 49, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 6A, 0C, 68, 10, 1A, 49, 00, E8, 9B, FF, FF, FF, 6A, 0E, E8, BC, 22, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08...
 

Entropy:
7.2868

Code size:
500 KB (512,000 bytes)

The file fytd_setup.exe has been seen being distributed by the following 26 URLs.


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to mil04s26-in-f14.1e100.net  (216.58.205.110:80)
