» mbsetup_uvd-loader.exe
Overview
Analysis
File Details
Downloads (705)

mbsetup_uvd-loader.exe

UmmyVideoDownloader 1.6.0.3

Magicbit, Inc

The application mbsetup_uvd-loader.exe, “Ummy Video Downloader ” by Magicbit, Inc has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from ummydownloader.com and multiple other hosts.

File name:

Publisher:

Magicbit, Inc (signed and verified)

Product:

UmmyVideoDownloader 1.6.0.3

Description:

Ummy Video Downloader

Version:

1.6.0.3

MD5:

b46ddde572e1cf029d5af73af93f29d3

SHA-1:

f06ef775e961c5d2a839bc39fc5846d70b9f1804

SHA-256:

8a2f93ef9a9ef755975c72fc21ff89f1cdf81d83b3075643a310d1df08d2e2ae

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

5/22/2024 5:18:59 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Magicbit.D potentially unwanted application

8.0.319.0

Reason Heuristics

PUP.Magicbit.Downloader.Installer.Meta (M)

16.4.14.4

File size:

14 MB (14,666,000 bytes)

Product version:

1.6.0.3

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\mbsetup_uvd-loader.exe

Digital Signature

Signed by:

Magicbit, Inc

Authority:

COMODO CA Limited

Valid from:

4/21/2014 1:00:00 AM

Valid to:

4/21/2017 12:59:59 AM

Subject:

CN="Magicbit, Inc", O="Magicbit, Inc", STREET="901 N. Pitt Street, Suite 325", L=Alexandria, S=VA, PostalCode=22314, C=US

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00B5B2652535A2ACE1ACBFF9D5D7816AD4

File PE Metadata

Compilation timestamp:

7/16/2015 2:24:20 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

393216:o5Cq2yK/eGUrc8GciNKDnPyYGpTTeW16zsPyzq8dM9J0elX:o5C9eGrRNqqFxTB6zV320c

Entry address:

0x113BC

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

63.5 KB (65,024 bytes)

The file mbsetup_uvd-loader.exe has been seen being distributed by the following 50 URLs.

http://ummydownloader.com/.../file.php?id=04&f=01&country=tn&ts=1462476011&s=7bf31cd25ee2c69cc989959e0d72380c6bdc0684

http://ummydownloader.com/.../file.php?id=04&f=01&country=it&ts=1462038877&s=a4a8e7224f599ad8b37649fe08e79fbbaaef269a

http://sf-apps.com/ummy/.../get.php?id=oc_2203&f=base&country=ve

http://ummydownloader.com/.../file.php?id=04&f=01&country=co&ts=1461878967&s=742ebea1f71545d6ba4380b0508d3197b5a00891

http://ummydownloader.com/.../file.php?id=04&f=01&country=br&ts=1462134620&s=d1fc108ced1e5fc3feac0233ad7ad29e53e4105c

http://ummydownloader.com/.../file.php?id=04&f=01&country=ec&ts=1462405695&s=1033a4f2655f59d6724ddcc3b1105f7423fc2e3a

http://ummydownloader.com/.../file.php?id=04&f=01&country=br&ts=1461975337&s=a1ba4f30edf66692690b4e5ce97d6e366295737b

http://ummydownloader.com/.../file.php?id=04&f=01&country=br&ts=1461890176&s=b4d44a638968700d9b3ea786023a04c48352a085

http://ummydownloader.com/.../file.php?id=04&f=01&country=mn&ts=1462181824&s=5e35e055e62ab09a967e073259ff96dbe207ccfd

http://sf-apps.com/ummy/.../get.php?id=oc_2203&f=base&country=sa

http://ummydownloader.com/.../file.php?id=04&f=01&country=gb&ts=1462123251&s=75fb725642f2fb5f6a03e0581794522262a869f2

http://ummydownloader.com/.../file.php?id=04&f=01&country=fr&ts=1462273336&s=6965f08d6c2934d8d6e2ae69e608499643487a88

http://ummydownloader.com/.../file.php?id=04&f=01&country=tn&ts=1462217473&s=313a6a87aa83c3e3995bbf1ce60cb596ff514c7e

http://ummydownloader.com/.../file.php?id=04&f=01&country=ng&ts=1461926117&s=4e8f18ee2f8fd38cde4b23664b0b540b276bc066

http://ummydownloader.com/.../file.php?id=04&f=01&country=dz&ts=1462465622&s=7eb4909985ac9de0ce81ac5a8193c86aa9260869

http://ummydownloader.com/.../file.php?id=04&f=01&country=dz&ts=1461939124&s=4c32a710e94d7c0b1ca8e80cbff110ed827fece3

http://ummydownloader.com/.../file.php?id=04&f=01&country=ec&ts=1462085078&s=f1585d7bdc59c1a593b0fccb1c1131c6f681563e

http://ummydownloader.com/.../file.php?id=04&f=01&country=pk&ts=1462298241&s=04b555dce63a5e4295ac74ba7711ef977a9454f9

http://ummydownloader.com/.../file.php?id=04&f=01&country=il&ts=1462011655&s=4d35522c503386124e6ae714f30d1c5274e8f1ca

http://ummydownloader.com/.../file.php?id=04&f=01&country=br&ts=1462068848&s=420655e4e0b984327ae4eb6a30ec8425be0f5223

http://ummydownloader.com/.../file.php?id=04&f=01&country=cz&ts=1461994016&s=a14756b4dc28108de7cdc570a41a4724f103b203

http://ummydownloader.com/.../file.php?id=04&f=01&country=br&ts=1462364410&s=a611c67541aa30491c88365432867bf7e2a002f5

http://ummydownloader.com/.../file.php?id=04&f=01&country=br&ts=1462068987&s=5cdab07ca72394c738665c9dd142416373b41f10

http://ummydownloader.com/.../file.php?id=04&f=01&country=eg&ts=1462495238&s=b52526a4ceac90a6d1577554fdf81bf898c013c8

http://videodownloader.ummy.net/.../UmmyVideoDownloader_setup.exe

http://ummydownloader.com/.../file.php?id=04&f=01&country=br&ts=1461941745&s=c4a2b01fd1cff8c971c033ffe404f4172aaad67a

http://ummydownloader.com/.../file.php?id=04&f=01&country=eg&ts=1462259085&s=819c350c0dc2e9616da6fbb3e936bf93c36525df

http://ummydownloader.com/.../file.php?id=04&f=01&country=br&ts=1461922648&s=7d0f6cc511be2679934803e54f7968c64db5afcb

http://ummydownloader.com/.../file.php?id=04&f=01&country=br&ts=1461968583&s=060d50e40f8176a53952362e822758015707d7bd

http://ummydownloader.com/.../file.php?id=04&f=01&country=ro&ts=1462191674&s=0ec1cd9244f8c7deabf96bf47393cd64cd1e3c20

Latest 30 of 705 download URLs

Remove mbsetup_uvd-loader.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.