home

setup.exe

HQ Video Pro 3.1cV27.07

Digit Network (Extreme White Limited)

The application setup.exe, “HQ Video Pro 3.1cV27.07 Installer” by Digit Network (Extreme White Limited) has been detected as adware by 16 anti-malware scanners. The program is a setup application that uses the Nullsoft Install System installer. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is also typically executed from the user's temporary directory.
Publisher:
HQ VideoV27.07  (signed by Digit Network (Extreme White Limited))

Product:
HQ Video Pro 3.1cV27.07

Description:
HQ Video Pro 3.1cV27.07 Installer

Version:
1.36.01.22

MD5:
b569a04a99095f480ea2fcb4a445a712

SHA-1:
e9ea6c97d3aeddb8cd5fd498639e2a96e6def1c9

SHA-256:
f84ee4aeabb53a3723dcaa105b80b0e289aa86eed402763a207c6c95d4deee17

Scanner detections:
16 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
4/19/2024 9:26:23 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.ScrambleWrapper
7.1.1

AhnLab V3 Security
PUP/Win32.CrossRider
2015.07.28

Avira AntiVirus
TR/Rogue.81920.143
8.3.1.6

avast!
NSIS:Adware-XK [PUP]
2014.9-150901

AVG
AdLoad
2016.0.2999

Bkav FE
W32.HfsAdware
1.3.0.6979

Clam AntiVirus
Win.Trojan.14824974
0.98/21511

Dr.Web
Trojan.Crossrider1.42770
9.0.1.0244

ESET NOD32
Win32/Packed.ScrambleWrapper.O potentially unwanted (variant)
9.12003

IKARUS anti.virus
PUA.ScrambleWrapper
t3scan.1.9.5.0

K7 AntiVirus
Unwanted-Program
13.207.16698

Kaspersky
not-a-virus:WebToolbar.Win32.CrossRider
14.0.0.1492

Malwarebytes
PUP.Optional.CrossRider
v2015.09.01.04

NANO AntiVirus
Trojan.Win32.MLW.dpnylv
0.30.24.2668

Reason Heuristics
PUP.ExtremeWhite.DigitNetworkExtremeWhiteLimited.Installer (M)
15.9.1.16

Vba32 AntiVirus
Trojan.GoogUpdate
3.12.26.4

File size:
13.4 MB (14,046,312 bytes)

Copyright:
Copyright HQ VideoV27.07

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Install System

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe

Digital Signature
Signed by:
Digit Network (Extreme White Limited)

Authority:
COMODO CA Limited

Valid from:
4/14/2015 7:00:00 PM

Valid to:
4/14/2016 6:59:59 PM

Subject:
CN=Digit Network (Extreme White Limited), O=Digit Network (Extreme White Limited), STREET=Tassou Papadopulu 6 (flat/office 22), L=Nicosia, S=Agios Dometios, PostalCode=2373, C=CY

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F39F5E5096779B72822CF8381166A432

File PE Metadata
Compilation timestamp:
12/4/2012 8:55:11 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
393216:PwgxGQ19gU9aNJGlZBTHeFTxbmNq/r44n6enwC4E:PwHQ19n9y0B6HSo//n6pC4E

Entry address:
0x412D

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 73, 45, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 74, 45, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 74, 45, 00, 56, A3, F4, E7, 44, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8B, 3B, 00, 00, A3, 50, E8, 44, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, A9, B2, 40, 00, FF, 15, AC, 74, 45, 00, 83, EC, 14, C7, 44, 24, 04, AA, B2, 40, 00, C7...
 
[+]

Code size:
33.5 KB (34,304 bytes)

Remove setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.