ilivid.exe

iLivid

Bandoo Media Inc.

The application ilivid.exe, “iLivid Download Manager”, has been detected as a potentially unwanted program by 2 anti-malware scanners. While running, it connects to the Internet address 94.31.0.27.IPYX-076665-ZYO.above.net on port 80 using the HTTP protocol.
Publisher:
Bandoo Media Inc.

Product:
iLivid

Description:
iLivid Download Manager

Version:
4.0.0.2207

MD5:
a361eabb45f0028cf53fbfe1c9712090

SHA-1:
d83ee8373d1d67d27cedecdbef18f77d6cd05627

SHA-256:
4ac5ff6bd037e0cb0b07221ebff9889dd4e612d5ffb5b54cbb8da56ccfc5c293

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 8:27:46 PM UTC

Scanner results (scan engine: detection name, engine version):

Boost by Reason: Optional.BandooMedia.G, engine version 188163

Reason Heuristics: PUP.Optional.BandooMedia.G, engine version 14.2.23.5

File size:
3.3 MB (3,470,848 bytes)

Product version:
4.0.0.2207

Copyright:
Copyright (C) 2012

Original file name:
ilivid.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Application data\ilivid\ilivid.exe

File PE Metadata
Compilation timestamp:
10/24/2012 4:18:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:EO4GGGG88+QkBs780VQC5vC+Fdy1TGpmnLRKUsdo9034JzgWcxieBOmr4nQysJrV:R8+Qk2Q0Y1Ke034JzgWc4eBvUQysJ

Entry address:
0xECD6C

Entry point:
E8, 99, 05, 00, 00, E9, 1C, FD, FF, FF, FF, 25, 08, DC, 6C, 00, FF, 25, 0C, DC, 6C, 00, FF, 25, 10, DC, 6C, 00, CC, CC, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 04, 2B, C8, 1B, C0, F7, D0, 23, C8, 8B, C4, 25, 00, F0, FF, FF, 3B, C8, 72, 0A, 8B, C1, 59, 94, 8B, 00, 89, 04, 24, C3, 2D, 00, 10, 00, 00, 85, 00, EB, E9, CC, FF, 25, 14, DC, 6C, 00, FF, 25, 18, DC, 6C, 00, FF, 25, 1C, DC, 6C, 00, FF, 25, 20, DC, 6C, 00, FF, 25, 24, DC, 6C, 00, FF, 25, 28, DC, 6C, 00, FF, 25, 2C, DC, 6C, 00, FF, 25, 30, DC, 6C, 00...

Entropy:
6.1644

Code size:
1.7 MB (1,747,968 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to 94.31.0.27.IPYX-076665-ZYO.above.net  (94.31.0.27:80)

Remove ilivid.exe - Powered by Reason Core Security