home

videoconvertersetup.exe

The application videoconvertersetup.exe has been detected as a potentially unwanted program by 11 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program Video Converter. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from spath2.path-tracker.com.
MD5:
145d0b0bcd267a8f07c66a66ad4e9a84

SHA-1:
3e20b88527409de61445ef1d208e5c6cbde5a724

SHA-256:
0f8100cd8b101ea11e1c6d329078cd91fca8eca1b2c23283e5fe2e7876325012

Scanner detections:
11 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/24/2024 12:21:24 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/InstallCore.Gen
7.11.144.8

avast!
Win32:Installer-I [PUP]
2014.9-140922

AVG
Generic
2015.0.3344

Dr.Web
Adware.InstallCore.76
9.0.1.0265

ESET NOD32
Win32/InstallCore.BA (variant)
8.9689

F-Prot
W32/InstallCore.I.gen
v6.4.7.1.166

Panda Antivirus
PUP/MultiToolbar.A
14.09.22.12

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.14920

Sophos
Install Core Click run software
4.98

Trend Micro House Call
HV_INSTALLCORE_CB243082.TOMC
7.2.265

VIPRE Antivirus
InstallCore
28320

File size:
1.1 MB (1,193,688 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\videoconvertersetup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:ETl32JmhQfn9SbUgombm74sLsH9fAlJ1nYlopiC6+HYnFI:K2f9wSu6L5+

Entry address:
0xD4B50

Entry point:
55, 8B, EC, 83, C4, F0, B8, A8, CC, 41, 00, E8, 51, F8, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.9181

Developed / compiled with:
Microsoft Visual C++

Code size:
865.5 KB (886,272 bytes)

Program Uninstaller
Program name:
Video Converter

Uninstall string:
C:\Program Files (x86)\VideoConverter\Uninstall\Uninstall.exe /RSF /Uninstall


The file videoconvertersetup.exe has been seen being distributed by the following URL.

http://spath2.path-tracker.com/.../download-exe?tid=44944997&ol=648,1124,594,244,32,1123,1111,1179,999,973,1144,884,998,974,972,728,971,970,143,902,1082,641,844,1000,1146,1044,1189,1165,1196,1021,1188,1193,897,840,842,841,832,749,845,611,770,894,886,642,631&aid=35&fid=

Remove videoconvertersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.