home

quicktime converter.exe

The executable quicktime converter.exe has been detected as malware by 32 anti-virus scanners.
MD5:
029f376439cebeedd00094471a3fc0dc

SHA-1:
7e6aeb8dd42b8ea46488e1e7c3cd2bfb627c5357

SHA-256:
cfe9db607567ff327e0406a1ba90a0fbdb6e41923d7c1a792fee30878c3f0962

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
4/26/2024 4:06:48 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Symmi.3138
857

Agnitum Outpost
Trojan.Packed
7.1.1

Avira AntiVirus
BDS/Fynloski.A.7252
7.11.142.76

avast!
Win32:Malware-gen
2014.9-140708

AVG
Luhe.Boxed
2015.0.3335

Baidu Antivirus
Trojan.Win32.Black
4.0.3.14101

Bitdefender
Gen:Variant.Symmi.3138
1.0.20.1370

Bkav FE
W32.Clod188.Trojan
1.3.0.4959

Comodo Security
Heur.Packed.MultiPacked
18397

Dr.Web
Trojan.Packed.Based
9.0.1.0189

Emsisoft Anti-Malware
Gen:Variant.Symmi.3138
8.14.10.01.12

ESET NOD32
Win32/Packed.MultiPacked (variant)
8.9658

Fortinet FortiGate
W32/Black.A
10/1/2014

F-Secure
Gen:Variant.Symmi.3138
11.2014-01-10_4

G Data
Win32.Trojan.Agent.98YHJO
14.7.24

IKARUS anti.virus
Backdoor.Win32.Fynloski
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.176.11711

Kaspersky
Packed.Win32.Black
14.0.0.3170

McAfee
Artemis!6C7C8E9D1BC2
5600.6991

Microsoft Security Essentials
Backdoor:Win32/Fynloski.A
1.10401

MicroWorld eScan
Gen:Variant.Symmi.3138
15.0.0.822

NANO AntiVirus
Trojan.Win32.Black.bdcrqb
0.28.0.59048

Norman
Troj_Generic.FMJFX
11.20141001

Qihoo 360 Security
HEUR/Malware.QVM15.Gen
1.0.0.1015

Quick Heal
Backdoor.Fynloski
10.14.12.00

Reason Heuristics
Threat.Win.Reputation.IMP
14.10.1.0

Sophos
Mal/Generic-L
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Barys
10327

Trend Micro House Call
TROJ_SCAR.BMC
7.2.274

Trend Micro
TROJ_SCAR.BMC
10.465.01

VIPRE Antivirus
Trojan.Win32.Generic
28184

ViRobot
Trojan.Win32.A.Black.1389568.B
2011.4.7.4223

File size:
7.9 MB (8,281,187 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\quicktime converter\quicktime converter.exe

File PE Metadata
Compilation timestamp:
3/29/2006 2:50:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:9smrKFuAy4GAB42arGYxd9FCakWiJF6T8vHFr5vnMID80aC:qmrKu49BZYGYTC3JFHF9nMID8i

Entry address:
0x1000

Entry point:
68, 01, B0, 45, 00, E8, 01, 00, 00, 00, C3, C3, 0B, 03, FB, C6, CB, 4A, E1, 9A, 4C, B9, CD, 66, AA, A4, B0, 2B, 54, 0E, BE, 05, 4F, CE, 62, FB, 3B, 40, B0, 0F, 91, 47, 42, 5F, 88, DB, 58, 72, CF, F8, B7, F4, FA, C3, 6C, 3D, C3, 7E, 12, DE, 2F, 8D, 52, 94, 95, 5F, E1, F8, 23, AC, F0, BB, 13, 77, 3A, C2, E6, 9A, 8C, C3, 66, AB, CB, 1A, E0, C1, CF, EB, 92, 7D, FB, 5A, CE, E2, F7, 35, 86, 1A, C8, 7B, 0F, 0C, F9, 13, 35, 4B, 13, 99, 66, 84, 1A, 3C, A2, 1E, EA, 51, 92, 2E, 12, 67, DE, 21, E1, 09, 4B, 1A, 5B, 83...
 
[+]

Entropy:
7.9843

Packer / compiler:
ASProtect v1.2x (New Strain)

Remove quicktime converter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.