home

manycamwebinstaller_beta.exe

ManyCam Virtual Webcam

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application manycamwebinstaller_beta.exe, “ManyCam Installer” by Visicom Media has been detected as a potentially unwanted program by 5 anti-malware scanners. The file has been seen being downloaded from download2.manycam.com.
Publisher:
Visicom Media Inc.  (signed and verified)

Product:
ManyCam Virtual Webcam

Description:
ManyCam Installer

Version:
1.2.1.0

MD5:
361652bcaefc79b31109bdadaa205e8a

SHA-1:
f606d10892503a9311756bcab1b4742245b53e2f

SHA-256:
a81e47da9de45eef740b829fdb71e504276f0650abd49436d613ba577b6be1c5

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 10:51:26 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.InstallToolbar
7.1.1

AVG
Generic
2016.0.3051

Bkav FE
W32.HfsAdware
1.3.0.6979

Dr.Web
Tool.InstallToolbar.174
9.0.1.0192

Reason Heuristics
Threat.Win.Reputation.IMP
15.12.5.21

File size:
289 KB (295,960 bytes)

Product version:
1.2.1.0

Copyright:
© 2006-2015 Visicom Media Inc.

Trademarks:
© 2006-2015 Visicom Media Inc, All Rights Reserved

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:
Visicom Media Inc.

Authority:
Symantec Corporation

Valid from:
2/8/2015 7:00:00 PM

Valid to:
2/8/2017 6:59:59 PM

Subject:
CN=Visicom Media Inc., OU=Visicom Media Inc., O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0F7022688814C950B353E71B8D1C1D84

File PE Metadata
Compilation timestamp:
2/2/2015 4:28:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:6y3G8+2+JnCjg2m7BRhtOWUa7TfcNuSLXNL636VhXZ:6yQOgt7o0SFuMhXZ

Entry address:
0x6C46

Entry point:
E8, 62, 39, 00, 00, E9, 7F, FE, FF, FF, E9, 0F, 09, 00, 00, 3B, 0D, 10, E1, 42, 00, 75, 02, F3, C3, E9, 48, 14, 00, 00, 55, 8B, EC, 56, 8B, F1, 8B, 4D, 08, C6, 46, 0C, 00, 85, C9, 75, 66, E8, 23, 2F, 00, 00, 8B, D0, 89, 56, 08, 8B, 4A, 6C, 89, 0E, 8B, 4A, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 6C, E9, 42, 00, 74, 11, A1, 2C, EA, 42, 00, 85, 42, 70, 75, 07, E8, 61, 42, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, 70, E1, 42, 00, 74, 15, 8B, 4E, 08, A1, 2C, EA, 42, 00, 85, 41, 70, 75, 08, E8, C4, 45, 00, 00, 89, 46, 04, 8B...
 
[+]

Entropy:
5.8617

Code size:
127 KB (130,048 bytes)

The file manycamwebinstaller_beta.exe has been seen being distributed by the following URL.

http://download2.manycam.com/.../ManyCamWebInstaller_beta.exe

Remove manycamwebinstaller_beta.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.