home

vtuploader2.0.exe

The program is a setup application that uses the Nullsoft Scriptable Install System installer. The file has been seen being downloaded from www.virustotal.com and multiple other hosts.
MD5:
9edab310d6d226164026e555a2daed97

SHA-1:
256b21c1d344ee5bcde25921c00e4f1aea36b500

SHA-256:
f5b31335fefa7d46bab89c6985d7c097eaf8a6b29ac990b5bf63c75e0499a3b6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:12:45 PM UTC  (today)

File size:
139.6 KB (142,981 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Common path:
C:\users\{user}\downloads\vtuploader2.0.exe

File PE Metadata
Compilation timestamp:
6/6/2009 5:41:59 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:GgXdZt9P6D3XJNjfBMK0Xdp/RORav+DGRN5vxKec8RMNi9BMbyN3wm3aSK:Ge34SK0XPRhwEJKej9BMbe3a7

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.6516

Code size:
23.5 KB (24,064 bytes)

The file vtuploader2.0.exe has been discovered within the following program.

VirusTotal Uploader 2.0  by Rotarua Limited
VirusTotal is a website that provides free checking of files for viruses. It uses up to 46 different antivirus products and scan engines to check for viruses that the user's own antivirus solution may have missed, or to verify against any false positives.
www.virustotal.com
6% remove it
 
Powered by Should I Remove It?

The file vtuploader2.0.exe has been seen being distributed by the following 5 URLs.

http://www.virustotal.com/vtsetup.exe

http://gsf-cf.softonic.com/256/b21/.../file?SD_used=0&channel=WEB&fdh=no&id_file=77889&instance=softonic_en&type=PROGRAM&Expires=1424456646&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=B7iC1J8mv1FzCJ3lBCJOMXg5LLsCVGDCX5MQxmvu8s4s3xgpWyqEkNmnNdkfsYvl6X47Xz27tOQW6o7fyLOoYEBjyiuEpEHB4IK5cJ0LnvEDEie8sLb37XkGwEmslOxKdqGvuOuum0ELXkP5Lr-qY~hptvBK0ptrkzGFFgrPq18_&filename=VTUploader2.0Setup.exe

http://files.snapfiles.com/.../VTUploader2.0Setup.exe

http://dl.cdn.chip.de/downloads/.../VTUploader2.0Setup.exe

https://www.virustotal.com/static/.../vtuploader2.0.exe

Scan vtuploader2.0.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.