home

tunesover_setup_full1881.exe

TunesOver

Shenzhen Wondershare Information Technology Co., Ltd.

Publisher:
Shenzhen Wondershare Information Technology Co., Ltd.  (signed and verified)

Product:
TunesOver

Description:
tunesover_setup_full1881.exe

Version:
1,3,0,1

MD5:
4966b99de7daaa9a4044d32baa44d3b8

SHA-1:
b48e58873cf87112f542af4a05e2edc535106abe

SHA-256:
ea93ea01ce9fbb70dc0e64694a50cf50294ff059c32bf01fde0e75a2948756ba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:29:07 PM UTC  (today)

File size:
811.6 KB (831,048 bytes)

Product version:
3.7.0

Copyright:
Copyright 2015 Wondershare Corporation

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\tunesover_setup_full1881.exe

Digital Signature
Signed by:
Shenzhen Wondershare Information Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
7/25/2013 7:00:00 PM

Valid to:
9/24/2015 6:59:59 PM

Subject:
CN="Shenzhen Wondershare Information Technology Co., Ltd.", OU=Project Management, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Shenzhen Wondershare Information Technology Co., Ltd.", L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5209CE411DC780947AC0E4E9E3B95D44

File PE Metadata
Compilation timestamp:
7/7/2015 4:46:02 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:zoleim5z2E4HSH3hCn2RdZK7r1+TDOe9xyRyyhWg/+nr/x:zkg4yXGcC7r1+TDOakWg2nrJ

Entry address:
0x50CBA

Entry point:
E8, A7, B5, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 8B, FF, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, 28, 0D, 45, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, F4, B2, 01, 00, 8B, 45, 0C, 8B, 40, 04, 83, E0, FD, 8B, 4D, 0C, 89, 41, 04, 64, 8B, 3D...
 
[+]

Entropy:
7.0201

Code size:
447.5 KB (458,240 bytes)

The file tunesover_setup_full1881.exe has been seen being distributed by the following 4 URLs.

http://r.search.yahoo.com/cbclk/dWU9RDk1NTRDM0IwMkIwNDlEQyZ1dD0xNDczODA5NDY1NTE3JnVvPTczNTk4NTY3Njc3NjAyJmx0PTImZXM9aDBEaW5wNEdQUzkuSHI1OSZqZT0yNDE5ZTllZS03YTBhLTExZTYtYTdkMC1mNzY2MmMzMjM5MzMtN2ZkYmQ5NWQxNzAwJnVpPTcyLjE2OC4xNDUuMTEmanQ9MTQ3MzgwOTQ2NTUzMSZwcD1lMg--/RV=2/RE=1473838266/RO=10/RU=http://0.r.msn.com/?ld=d3vgcJoULdW1SX-BZHNmlsbDVUCUzYAfSCKYytnYkPkLz7306EJig7pwDMwpccnpAVO1Fi8hw9F2jgFpGU5CPwcxo37vNTWSWs0hGBKX5HKXrTToDQK-JbWfiygUzc1E4PDLaoSBgmSh8WEzShuosjyyu2U8lS9VIDN-wVtGbJ4PrxMP6l&u=download.iskysoft.us/tunesover_full1881.exe?utm_source=bing&utm_medium=cpc&utm_campaign=TunesOver_SS_US_BM_pid(1660)_&utm_term=how%20do%20you%20transfer%20%2Bipad%20pictures%20to%20%2Bapple%20computer&utm_content=ipad%20photos%20to%20mac/.../RS=mHnM4DkgFccTZUs77J__lnMkFgY-

http://r.search.yahoo.com/cbclk/dWU9MTM0Qjk1NjcxMzZCNDgxQyZ1dD0xNDc0MzQ5Mzk0MTc3JnVvPTEwODUyNTQ2NzU0Jmx0PTImZXM9NVlwbDd5VUdQU19jMDhNSyZqZT00MmE5ZDEwNi03ZWYzLTExZTYtYTk0Zi1hYjYwMjYxM2MxZDUtN2YxMTM1YzNjNzAwJnVpPTc2Ljk1LjIxLjUmanQ9MTQ3NDM0OTM5NDE5NSZwcD1uNA--/RV=2/RE=1474378194/RO=10/RU=http://0.r.msn.com/?ld=d3IJh82TB9VQK68X98dLujUzVUCUyEckKEKzkkVZVQ3qK2N5NoxGdsPgQuE64XFrpdi0JINNd1wy6PBRuQixriYUJyccQDLhAqOy1hlFB0Pt_gvJm3aOMstF4ps0GZ1frldzcSts2G2FYsbo_nD5fcbjzgYD8&u=download.iskysoft.us/tunesover_full1881.exe?utm_source=bing&utm_medium=cpc&utm_campaign=TunesOver_SS_US_pid(1660)_bbm_11.16新建&utm_term=how%20to%20transfer%20music%20iphone%20to%20mac&utm_content=iphone%20music%20to%20mac-transfer/.../RS=_k8_8UBnw7AirGrx09uq6KbODbQ-

http://download.iskysoft.us/.../tunesover_setup_full1881.exe

http://download.iskysoft.us/tunesover_full1881.exe

Scan tunesover_setup_full1881.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.