youtube_music_downloader_setup.exe

Youtube Music Downloader

Anhui Green Xin Information Technology Co. Ltd

The application youtube_music_downloader_setup.exe, “Youtube Music Downloader Setup” by Anhui Green Xin Information Technology Co, has been detected as a potentially unwanted program by 5 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monetization platform, which will download and install offers during setup for potentially unwanted software, including ad/search-supported toolbars.
Publisher:
YoutubeMusicDownloader.us Inc. (signed by Anhui Green Xin Information Technology Co. Ltd)

Product:
Youtube Music Downloader

Description:
Youtube Music Downloader Setup

Version:
6.7.0.1

MD5:
0d02b60e4d4484a432f1d2cc68087ca2

SHA-1:
bb56a8393f6619aa6162323349014cfb1810f82d

SHA-256:
57a795a22b858f9b2b0d4ce58e2b2de575ac8768cc172f2168e630fced3ee487

Scanner detections:
5 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
4/24/2024 5:35:38 PM UTC

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Adware.Agent-6810
0.98/21411

Comodo Security
UnclassifiedMalware
16603

ESET NOD32
9.9149

Reason Heuristics
PUP.OpenCandy.Installer (L)
15.11.26.15

Trend Micro House Call
Suspicious_GEN.F47V0716
7.2.330

File size:
6.2 MB (6,478,328 bytes)

Product version:
6.7

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\youtube_music_downloader_setup.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/30/2012 12:05:47 AM

Valid to:
1/30/2015 12:05:47 AM

Subject:
CN=Anhui Green Xin Information Technology Co. Ltd, O=Anhui Green Xin Information Technology Co. Ltd, L=Hefei, S=Anhui, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112175FB21D0536ABE7D4BEB6F013BFEC52D

File PE Metadata
Compilation timestamp:
10/13/2013 1:19:32 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:uk5EBFLeSDfLSa2zd1W3gRZvdSgXyN3LaIsigL4t19plnj22RoPwlMGHo1jtXvvw:uQofLn3gRZVtiN7C4tPnjFRoNGw9vv

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 

Entropy:
7.9956

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)
