» videoconvertersetup.exe
Overview
Analysis
File Details
Behaviors (1)
Downloads (1)

videoconvertersetup.exe

The application videoconvertersetup.exe has been detected as a potentially unwanted program by 26 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program Video Converter. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.superbvideoconverter.com.

File name:

MD5:

2a49799c1d79d5770ce130f9c18f9735

SHA-1:

57710c7b5b676cf2933c8e5d764f501ceddbed22

SHA-256:

2f966c5efa23f96e13f776ead026b19a54168252fd72322f4a2ec7f974883a18

Scanner detections:

26 / 68

Status:

Potentially unwanted

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:

4/19/2024 4:38:23 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Generic.335398

906

Agnitum Outpost

PUA.InstallCore

7.1.1

AhnLab V3 Security

PUP/Win32.InstallCore

2013.12.13

Avira AntiVirus

APPL/Downloader.Gen6

7.11.119.134

AVG

Adware InstallCore.M

2014.0.4007

Bitdefender

Adware.Generic.335398

1.0.20.1120

Bkav FE

W32.HfsAutoA

1.3.0.4613

Clam AntiVirus

Win.Adware.Installcore-156

0.98/18355

Comodo Security

Application.Win32.ClickRun.A

17431

Dr.Web

Adware.InstallCore.53

9.0.1.0224

Emsisoft Anti-Malware

Adware.Generic.335398

8.14.08.12.08

ESET NOD32

Win32/InstallCore.AF (variant)

8.9168

Fortinet FortiGate

Adware/Fam.NB

10/23/2014

F-Prot

W32/InstallCore.V2.gen

v6.4.7.1.166

F-Secure

Adware.Generic.335398

11.2014-12-08_3

G Data

Adware.Generic.335398

14.8.22

K7 AntiVirus

Unwanted-Program

13.174.10498

MicroWorld eScan

Adware.Generic.335398

15.0.0.672

NANO AntiVirus

Trojan.Win32.InstallCore.cqrbdq

0.28.0.56692

Panda Antivirus

PUP/MultiToolbar.A

14.08.12.08

Qihoo 360 Security

Malware.QVM20.Gen

1.0.0.1015

Rising Antivirus

PE:Malware.XPACK-LNR/Heur!1.5594

23.00.65.14810

Sophos

Install Core Click run software

4.96

SUPERAntiSpyware

Adware.InstallCore

10425

Vba32 AntiVirus

BScope.Malware-Cryptor.InstallCore.2691

3.12.24.3

VIPRE Antivirus

Click run software

24312

File size:

1.1 MB (1,144,592 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\videoconvertersetup.exe

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:Dfiqz5+2cFdkTdo2w8krjVSFX3EaQXjN+tMtlzBD:Dfiqz5+2cFd2do2wprhSFkaQXcUlF

Entry address:

0xCE7D0

Entry point:

55, 8B, EC, 83, C4, F0, B8, 20, C4, 41, 00, E8, 30, D8, FF, FF, 8B, C0, 70, 10, 40, 00, 01, 04, 42, 79, 74, 65, 01, 00, 00, 00, 00, FF, 00, 00, 00, 90, 84, 10, 40, 00, 01, 04, 57, 6F, 72, 64, 03, 00, 00, 00, 00, FF, FF, 00, 00, 90, 98, 10, 40, 00, 01, 08, 43, 61, 72, 64, 69, 6E, 61, 6C, 05, 00, 00, 00, 00, FF, FF, FF, FF, 90, B0, 10, 40, 00, 0A, 06, 53, 74, 72, 69, 6E, 67, BC, 10, 40, 00, 0B, 0A, 57, 69, 64, 65, 53, 74, 72, 69, 6E, 67, CC, 10, 40, 00, 0C, 07, 56, 61, 72, 69, 61, 6E, 74, 8D, 40, 00, 24, 11... 
[+]

Entropy:

7.0201

Developed / compiled with:

Microsoft Visual C++

Code size:

841 KB (861,184 bytes)

Program Uninstaller

Program name:

Video Converter

Uninstall string:

C:\Program Files\VideoConverter\Uninstall\Uninstall.exe /Uninstall

The file videoconvertersetup.exe has been seen being distributed by the following URL.

http://www.superbvideoconverter.com/default/ga/.../?dl=1

Remove videoconvertersetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.