home

psvitavideo9-600-setup.exe

The application psvitavideo9-600-setup.exe has been detected as a potentially unwanted program by 3 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This file is typically installed with the program Project64 1.6 by Project64. The file has been seen being downloaded from www.slunecnice.cz and multiple other hosts.
MD5:
b8ebe0b41c1f02e5addc48e70c4f4647

SHA-1:
bf9bc5fc71a9f88d6009940653e201ee1b699b81

SHA-256:
fbdb1c4bdc9e7a9d6863f8a9473409653834a44a424e90e38be569de1534addc

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
4/27/2024 7:24:35 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Conduit.57
9.0.1.0231

ESET NOD32
Win32/OpenCandy (variant)
8.10025

Malwarebytes
PUP.Optional.OpenCandy
v2014.08.19.04

File size:
18.6 MB (19,522,577 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:3YUGYsv+8pI6dsB8MXFVHkFVU0HJu3JH9JzwLiqygQqQ2qnQvD:NGYg+96dsJXFVHyVU24BupwoD

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9998

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file psvitavideo9-600-setup.exe has been discovered within the following program.

Project64 1.6  by Project64
Publisher's description - “Project64 is a Nintendo 64 emulator for Windows by Zilmar, Jabo, Tooie and Witten. Project64 or PJ64 dates back to its first public release Project64 v1.0 in May 26th 2001. Project64 is an emulator designed to emulate a Nintendo64 video game system on a Microsoft Windows based PC.”
www.pj64.net
About 7% of users remove it
 
Powered by Should I Remove It?

The file psvitavideo9-600-setup.exe has been seen being distributed by the following 4 URLs.

http://www.slunecnice.cz/sw/psp-video-9/stahnout/.../?m=9b5a5b302178754aec1c949ea6435d2f&t=553d3344

http://files.redkawa.net/installers/videoconverterapp/.../psvitavideo9-600-setup.exe

http://software.thaiware.com/download_url.php?id=10571

http://files.redkawa.net/installers/videoconverterapp/.../pspvideo9-600-setup.exe

Remove psvitavideo9-600-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.