home

mp3convertersetup.exe

The executable mp3convertersetup.exe has been detected as malware by 1 anti-virus scanner. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from apps.mydownclub.com.
MD5:
9ead021a3acd6e5d065f4205e6e12403

SHA-1:
8e460f3bd02179052c53078a3d1a5f4b84ef98dd

SHA-256:
2c72cd75e7d5c8c098e1b74304e1edf85de667fd5001879feed7078aee8ac688

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/29/2024 10:25:43 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Threat.Win.Reputation.IMP
16.7.22.0

File size:
1010.4 KB (1,034,642 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mp3convertersetup.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:bxngSq0fYOdCfLtkVPHAfePCUMp3G6A02D:uSq0AOdCfLyeqbMp3i0Q

Entry address:
0xC1910

Entry point:
55, 8B, EC, 83, C4, F0, B8, 68, 19, 41, 00, E8, 5A, DF, FF, FF, 00, 50, E8, D6, F7, FF, FF, A1, DC, 65, 47, 00, 85, C0, 75, E9, 33, C0, 5A, 59, 59, 64, 89, 10, 68, 1D, 1C, 40, 00, 80, 3D, 49, 60, 47, 00, 00, 74, 0A, 68, C4, 65, 47, 00, E8, D5, F7, FF, FF, 68, C4, 65, 47, 00, E8, D3, F7, FF, FF, C3, E9, 2D, 20, 00, 00, EB, DB, 5B, 5D, C3, 53, 3B, 05, 10, 66, 47, 00, 75, 09, 8B, 50, 04, 89, 15, 10, 66, 47, 00, 8B, 50, 04, 8B, 48, 08, 81, F9, 00, 10, 00, 00, 7F, 38, 3B, C2, 75, 17, 85, C9, 79, 03, 83, C1, 03...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
788 KB (806,912 bytes)

The file mp3convertersetup.exe has been seen being distributed by the following URL.

http://apps.mydownclub.com/Mp3ConverterSetup.exe

Remove mp3convertersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.