vidxsetup-r2081502-bc-cus-sbf.exe

VidX

VidX Project Ltd

The application vidxsetup-r2081502-bc-cus-sbf.exe by VidX Project has been detected as a potentially unwanted program by 9 anti-malware scanners. It uses the OpenCandy monetization platform, which will download and install offers during setup for potentially unwanted software, including ad- and search-supported toolbars. The file has been seen being downloaded from www.bunnyflix.com.
Publisher:
VidX Project Ltd.  (signed by VidX Project Ltd)

Product:
VidX

Description:
VidX - Install

Version:
0.0.0.49

MD5:
f9f1e4a0b2cb655bd1773b83435433c1

SHA-1:
ca94dbceb0216b9bb01a9b0f3328f17ccbe3118c

SHA-256:
78a0d718b2915bba8c9d5aa00707835320652f84bb4fd22c5252fa8a67923378

Scanner detections:
9 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
4/24/2024 4:28:12 PM UTC

Scan engine | Detection | Engine version
Agnitum Outpost | Riskware.Agent | 7.1.1
avast! | Win32:Adware-gen [Adw] | 2014.9-140611
Dr.Web | Adware.OpenCandy.4 | 9.0.1.0162
ESET NOD32 | Win32/OpenCandy (variant) | 8.9822
Fortinet FortiGate | Riskware/OpenCandy | 6/11/2014
McAfee | Artemis!F9F1E4A0B2CB | 5600.7103
Rising Antivirus | PE:PUF.OpenCandy!1.9DE5 | 23.00.65.14609
Trend Micro House Call | TROJ_GEN.F47V0412 | 7.2.162
VIPRE Antivirus | Opencandy | 29398

File size:
1.3 MB (1,398,544 bytes)

Product version:
0.0.0.49

Copyright:
Copyright (c) 2013

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\vidxsetup-r2081502-bc-cus-sbf.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/28/2013 7:00:00 PM

Valid to:
4/26/2015 6:59:59 PM

Subject:
CN=VidX Project Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=VidX Project Ltd, L=Belize City, S=Belize, C=BZ

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6A45624F19F296070E08828B50E05266

File PE Metadata
Compilation timestamp:
4/11/2014 8:28:21 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:PnlNsVUt7u+yCkoUiQFE+cVlRrHa183MoGBf7MiTYziPB3VOdsi:PluYkoUWV3a1PoGdBTYzOB3V

Entry address:
0x2B482

Entry point:
E8, 23, 9A, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, E0, 29, 45, 00, 00, 74, 05, E9, 89, 9A, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3, AB, 85, D2, 74, 0A, 88, 07, 83, C7, 01, 83, EA, 01, 75, F6, 8B, 44, 24...
 

Entropy:
6.7502

Code size:
256.5 KB (262,656 bytes)

The file vidxsetup-r2081502-bc-cus-sbf.exe has been seen being distributed by the following URL.
