home

vpc_setup.exe

Video Player Converter

MS Technology Inc.

The application vpc_setup.exe by MS Technology has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. While running, it connects to the Internet address sao-paulo-18.cdn77.com on port 80 using the HTTP protocol.
Publisher:
MSTechnologyInc.  (signed by MS Technology Inc.)

Product:
Video Player Converter

Version:
3.37.3.126

MD5:
20626d5a8be29ef91f6b4837585a059b

SHA-1:
c2bc7985985ab996168b70d6d414352f44c640bb

SHA-256:
83af2f2aba71d34aa31ff4a7164d265f8478f439c596e36469e871ce6dd87420

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
6/25/2025 9:40:07 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.7717

Dr.Web
Program.Unwanted.728
9.0.1.0192

Reason Heuristics
PUP.CompuClever
16.8.7.10

File size:
958 KB (981,000 bytes)

Product version:
3.37.3.126

Copyright:
(c) MSTechnologyInc. All rights reserved.

Original file name:
vpc_setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\vpc_setup.exe

Digital Signature
Signed by:
MS Technology Inc.

Authority:
COMODO CA Limited

Valid from:
12/21/2014 10:00:00 PM

Valid to:
12/21/2016 9:59:59 PM

Subject:
CN=MS Technology Inc., O=MS Technology Inc., STREET=4262 Richfield Terr, L=Victoria, S=BC, PostalCode=V8X 4V3, C=CA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5BB294E57C9EC3985FB70CFFD8D583C2

File PE Metadata
Compilation timestamp:
1/21/2016 12:36:48 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:+z4ZXxN5YkiubFBddx7EGwF8e8HUh1vluLyszLce5gkhwnj9/pO9VCdkxVmsD8S:3XyubFBddxgz90EeKkhw/pO9VCdyVJgS

Entry address:
0x3724E

Entry point:
E8, 0B, A5, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, A8, 4C, 46, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, E4, 18, 46, 00, 01, 0F, 82, 02, A6, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83...
 
[+]

Code size:
295 KB (302,080 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to sao-paulo-18.cdn77.com  (189.1.36.21:80)

Remove vpc_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.