vlc_setup.exe

The application vlc_setup.exe has been detected as a potentially unwanted program by 23 anti-malware scanners. The file has been observed being downloaded from appuntu.com.

MD5: b1b99280b5fbcfb46fef91fda08044c1
SHA-1: 640dc6e3a23e182ba10a3fb82ff51122106f3b71
Scanner detections: 23 / 68
Status: Potentially unwanted
Explanation: Part of the Conduit/ClientConnect toolbar/extension distribution.
Analysis date: 5/5/2024 7:42:00 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Bundler.FX | 793 |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| Avira AntiVirus | TR/Trash.Gen | 7.11.30.172 |
| avast! | Win32:Adware-gen [Adw] | 2014.9-141203 |
| AVG | Generic | 2015.0.3271 |
| Bitdefender | Application.Bundler.FX | 1.0.20.1685 |
| Dr.Web | Adware.Conduit.170 | 9.0.1.0337 |
| ESET NOD32 | Win32/DownloadAssistant.A potentially unwanted application | 8.7.0.302.0 |
| F-Prot | W32/A-9949dfbf | v6.4.7.1.166 |
| F-Secure | Application.Bundler.FX | 11.2014-03-12_4 |
| G Data | Application.Bundler.FX | 14.12.24 |
| IKARUS anti.virus | PUA.DownloadAssistant | t3scan.1.7.8.0 |
| K7 AntiVirus | Unwanted-Program | 13.185.13965 |
| Malwarebytes | PUP.Optional.DownloadAssistant | v2014.12.03.06 |
| MicroWorld eScan | Application.Bundler.FX | 15.0.0.1011 |
| NANO AntiVirus | Riskware.Win32.Conduit.dhhkky | 0.28.6.63474 |
| Panda Antivirus | Trj/Genetic.gen | 14.12.03.06 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.12.3.17 |
| Sophos | AirInstaller | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Nullo[Short] | 10199 |
| Total Defense | Win32/Tnega.MFfaER | 37.0.11287 |
| VIPRE Antivirus | Threat.4782985 | 33706 |
| Zillya! Antivirus | Backdoor.Klon.Win32.1246 | 2.0.0.1984 |

File size: 817.6 KB (837,186 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\Documents and Settings\{user}\My documents\downloads\vlc_setup.exe

File PE Metadata

Compilation timestamp: 11/27/2014 1:02:54 AM
OS version: 5.1
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 10.0
CTPH (ssdeep): 24576:9X/3Q9p0jL5qO/v+DO240HiP2VJLST1O5S:hn//vH240xLLSl
Entry address: 0x4C95F


Entropy: 7.1198
Code size: 467.5 KB (478,720 bytes)

The file vlc_setup.exe has been seen being distributed by the following URL.
