» topviewsoft_screenvideocapture.exe
Overview
Analysis
File Details
Downloads (11)

topviewsoft_screenvideocapture.exe

Free Screen Video Capture by Topviewsoft

Topviewsoft, Inc.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.funcyclecapital.com and multiple other hosts.

File name:

Publisher:

Topviewsoft, Inc.

Product:

Free Screen Video Capture by Topviewsoft

Description:

Free Screen Video Capture by Topviewsoft Setup

MD5:

70782241b6943881e13c11647af9a77e

SHA-1:

a9d315fcffbfa39334c55753061864bd4c8944a8

SHA-256:

5bf230dc02581f402966b4459e1b732d99f654c17ae00d5b21ee275f7806f888

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 9:52:33 AM UTC (today)

File size:

661.6 KB (677,452 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:5na9OieJAbcvGTJPD14SccRdDZIUp7fWpaJlvcCpqotcvS38LCJQBtdGs1rBLsJ:5naQieJAbBl1BcSZH7fWpY1NkS3rJQBw

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file topviewsoft_screenvideocapture.exe has been seen being distributed by the following 11 URLs.

http://www.funcyclecapital.com/J0aDsMFhFP2ao4FprmcK6airboPCz1IdzCy_SGmfddTCeLBe40T_MRk sa_6fkC06sxEFq9OFA0YYAtJXaikMl9NJHOWtFoJKgjZbIAHIy_hufcUhPtr_kgRbWn5SMjWkre9K_l3jw9AldvyZG5AYx2deh MCI1s1SMGz8AgImc6W0LPWbKxT9H3y2qtdDLVVYWrFNGFHdmTJAQT5hQMfXcafNXTEd9R3_HjBEV_0_H5yEeDzes=-G0UAAATEbbH9JRiiYhXRBYs_54LgkAP2txJIKeZgY wsaRiR35jym YZtiSleI82 I66Am4_GyvT8wXCBw==

http://www.funcyclecapital.com/j0lOzCe2Q3eWCvu0SUWQR5REkRoV6zlMDmMQkU9BE83u v19uCeygPXbnYS4 HgCDfG5xvW0abwiFQa2BYftkbXLo2Ou0mh9Wpxsg2k4chZ5YAPMzIY6_V m3HywzVnw_lKfdMmQ0Hx8fXAfFmSIwcrXsz8Ltz2OQKiCcVg6lAy7MNFkwfDTiXEquIy OMyq29hg97dTNGt6RjsdeigouyMpVt4kw==-G0UAAATEbbH9JRiiYhXRBYs_54LgkAP2txJIKeZgY wsaRiR35jym YZtiSleI82 I66Am4_GyvT8wXCBw==

http://www.ranchsendgift.com/Twn143JNILblgeym05v3_KFDI90MebyJxfhD0xQYbuIliziHqXobION1QKNGVvlejrbpRgcWaRK3lEhWABnyTNIbyX35zwfFnRQDs_aP1tKVWEHPSOymdTd_NSCRUL2VjCySYqisHYdEIkkPyb9asT nfS5vOGxU0P7TAYI lSv6Cmik 6mu2JgtfCKAfBpbuPoO724v6BuXIcKqX WeDiKA8b5u6g==-G0UAAATEbbH9JRiiYhXRBYs_54LgkAP2txJIKeZgY wsaRiR35jym YZtiSleI82 I66Am4_GyvT8wXCBw==

http://free-screen-video-capture-by-topviewsoft.software.informer.com/.../

http://www.ranchsendgift.com/UtHkK4tIPjsAo4pbJIVHvuEvorYDueCbIXD47EymT346JIGSmpoNN4UpoVmZ8ntP_bHAdrPGuYEoFgrmFpPB4elGqmMkd_d5V2EdyMKjtiiboM3qxq4UVAtS27vqjQzcNZC0PYVL59HDSY9y0dlsClxHHt_6soXSKawQU7mPKzkmtTl8DisqDz6_grnTk1E16xh5DXM2WPcs0_h1KhAnrQm0x8c6hQ==-G0UAAATEbbH9JRiiYhXRBYs_54LgkAP2txJIKeZgY wsaRiR35jym YZtiSleI82 I66Am4_GyvT8wXCBw==

http://www.ranchsendgift.com/LpILPLWJLBWVArl_8w7wW9tRmaGjmur8lB7SLS9KYyAHanORQQbYdnQ0FI_EruimOjy_dWHoNyFO7Kk 9wUj76r D8Isn7mzjdY3siBPP9DCQFLwsg1Bhg JyYK4eQCYiKTm9fW6jTjX6fInokOTT9kFthwfF5ZpLjSwdw1kIzSMlTEkN4y_EDhr2LrYgtVhQbx_ok59ltKGZjU SRBqaYs8A59wBA==-G0UAAATEbbH9JRiiYhXRBYs_54LgkAP2txJIKeZgY wsaRiR35jym YZtiSleI82 I66Am4_GyvT8wXCBw==

http://www.towerbitscenter.com/6iy_UOhwHHz7LVdDzytBJf7vTpt1vn78YIH0lBrlgouYP 3e0mmiCbpihKppS6vhdW4rFUCyGNP2veGxzx98uujwTLdzkWZYwe_dozyWGtsLyvgvFY4Otm_eXXk6_G S BouiicD82uxZ4SDiORzwDJINbMITPWJv0 ri6GV78FmLep7jFbVOBWHRJRrjS4KwuNWB3ITWhhncqtEaTHnLrpSoadYYQ==-G0UAAATEbbH9JRiiYhXRBYs_54LgkAP2txJIKeZgY wsaRiR35jym YZtiSleI82 I66Am4_GyvT8wXCBw==

http://www.ranchsendgift.com/Yofv_3VRz9_EeMFlLrh8Dzp5FK4cWNMPxltqcw_6TuVuY3MfNTsv5aryBpIn1ww5hn23EFE6T_pYlJU9B0ki0WzqHR1qbak2bISnKiO3h wY3RFW4YiyxvRDG1trcTSYIO_6v8vLPXOdyCy19MsObzrNItuEoYcbhg4bx7b3l9aFuhI4NIrAfpyHiJ8IAlo25jKPGbkRbrJZYJkE4GNp9Xa3XLioZEgoMo1FsuMWv8mTfMbr28VoCcYbckDRewaESWOkXe319x7W1n5WSm6mejVZWvWZquNlZEicu3LC0akIy3zyWsx4ayrbCw3cdTt55S1ZbY0yeMizdFIj2xR44da9IQoyL_V5vvQS2o7S sW0Unuvh7MEUhHXEwH8JCFV5ymZQRw6nPUsYUMguc1ZAlCDEJX20Ctxc2uyAO6XG6b5ig15yUP11jdhOKnIp7X1Aqw1gZlkFJIViczb8Cd9RRAPpk5GktmeRE1OOVrRxqqRDLCvWj50yZd6MAxJ2RSqxc2RWcuOUJqt6Oq1XNqozdMxBtnuS SlM5jw6X35Xg5IGWNR G0=-G0UAAATEbbH9JRiiYhXRBYs_54LgkAP2txJIKeZgY wsaRiR35jym YZtiSleI82 I66Am4_GyvT8wXCBw==-e

http://www.funcyclecapital.com/GLfiu3PgHJLOtQ_fn4YK13l_VrlNmgOqWAO65UdUllXy2cdzKFOiEfhQimdNb0EriaRZX54kMFcGw_ HL9BS1qKSrd63CNgTHTHfbBDzgMf5PRw61MRdjhKPUkA7FL1CMBiC6ALgLJEAPXn0saEwGM3AsCTBnMAD_Rwczw7ygDi_6FAryuLMhukXbPdJEngDxYzOTMYbL1E_slg4N4K3h1OZNW OwQ==-G0UAAATEbbH9JRiiYhXRBYs_54LgkAP2txJIKeZgY wsaRiR35jym YZtiSleI82 I66Am4_GyvT8wXCBw==

http://topviewsoft.com/.../Topviewsoft_ScreenVideoCapture.exe

http://www.topviewsoft.com/.../Topviewsoft_ScreenVideoCapture.exe

Scan topviewsoft_screenvideocapture.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.