home

videoconvertersetup.exe

The executable videoconvertersetup.exe has been detected as malware by 1 anti-virus scanner. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from soft.foxtab.com.
MD5:
2c252bd7cc336d458829e9b3bab8b176

SHA-1:
e85051b24fdbb102369ea1f613e2a375ce43fa08

SHA-256:
dae7f71baf389b0ebf4282333af3aed104871eb620c652ebd44c0e152fb289e7

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/19/2024 10:30:03 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Threat.Win.Reputation.IMP
16.1.6.1

File size:
1 MB (1,099,144 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\videoconvertersetup.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:iN5TaCotFNBxQSTuiivWvtj+4cTBYjQT:i/gq0uKjCTej

Entry address:
0xC1A94

Entry point:
55, 8B, EC, 83, C4, F0, B8, 87, 16, 40, 00, E8, A0, F4, FF, FF, 2F, 5B, D9, FC, 94, 0F, 9A, ED, 1A, 54, 35, CE, D3, 4B, B9, DE, A7, 53, 32, F0, 5E, 93, 33, CA, 05, FE, EB, 3E, DD, 5C, 38, 1D, 84, 08, 4B, 55, F6, 65, F1, E0, A3, 4A, 8C, 53, BC, D5, 30, 37, 61, 71, 9C, 87, 6B, F5, EC, E0, E1, 38, 3C, 4F, 73, 6F, 9A, D0, 65, 35, 02, E8, DD, 21, 49, DA, 8C, 31, 1E, 6F, F2, 84, 97, 63, ED, 19, F2, CF, 39, 9D, 72, 2E, FE, 73, 84, DD, C5, 81, A7, 31, 43, 71, AB, 74, D8, 6A, 46, 7D, D7, 83, 22, A1, C8, 57, D2, 35...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
786.5 KB (805,376 bytes)

The file videoconvertersetup.exe has been seen being distributed by the following URL.

http://soft.foxtab.com/video-converter/gd/.../?dl=1

Remove videoconvertersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.