youtubefreedownloader.exe

YouTube Free Downloader

SCCE Development Inc

The application youtubefreedownloader.exe, “YouTube Free Downloader Setup Program” by SCCE Development Inc, has been detected as a potentially unwanted program by 9 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars. The file has been seen being downloaded from lib.giveawayoftheday.com.
Publisher:
MP3Rocket  (signed by SCCE Development Inc)

Product:
YouTube Free Downloader

Description:
YouTube Free Downloader Setup Program

Version:
5.1.0

MD5:
30ea93e96720c174d78c8813bb9ca777

SHA-1:
d87417a74839a28e5f6d2cfd46e2d5fb96001642

SHA-256:
f58bbfe5cc74c4a0b0293677d172c0e8465c2086bd52295f6ea8a7d190910974

Scanner detections:
9 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
4/24/2024 8:00:49 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.OpenCandy | 2015.05.08 |
| Dr.Web | Adware.OpenCandy.141 | 9.0.1.0178 |
| ESET NOD32 | Win32/OpenCandy.A potentially unsafe (variant) | 9.11591 |
| IKARUS anti.virus | AdWare.MultiBundleS | t3scan.1.8.9.0 |
| McAfee | Artemis!30EA93E96720 | 5600.6819 |
| Reason Heuristics | PUP.Optional.Installer.SCCE | 15.3.22.5 |
| Trend Micro House Call | Suspicious_GEN.F47V0331 | 7.2.81 |
| Zillya! Antivirus | Downloader.Agent.Win32.243272 | 2.0.0.2172 |

File size:
1.1 MB (1,151,664 bytes)

Product version:
5.1.0

Copyright:
Copyright © MP3Rocket

Original file name:
YouTube Free DownloaderSetup.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\youtubefreedownloader.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
2/24/2015 3:00:00 AM

Valid to:
2/24/2017 2:59:59 AM

Subject:
CN=SCCE Development Inc, O=SCCE Development Inc, L=Lehi, S=Utah, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1FEC5D7B86418BE6C86668F0B194584C

File PE Metadata
Compilation timestamp:
12/16/2014 8:26:02 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:+/xB2AUVbWNLHp0kT1Thvgem0h7boGm8O7yKSibLRTR+:2AKNLJNRThvgVWwGQGG6

Entry address:
0x5B174

Entry point:
E8, 75, AB, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, C4, 00, 00, 00, A1, B0, A2, 49, 00, 33, C5, 89, 45, FC, 56, 8B, 75, 08, 57, 33, FF, 89, BD, 4C, FF, FF, FF, 3B, F7, 75, 1E, E8, AE, 2B, 00, 00, 6A, 16, 5E, 57, 57, 57, 57, 57, 89, 30, E8, DC, F5, FF, FF, 83, C4, 14, 8B, C6, E9, 24, 01, 00, 00, E8, E6, 6D, 00, 00, 8D, 85, 4C, FF, FF, FF, 50, E8, DD, 6E, 00, 00, 59, 85, C0, 74, 0D, 57, 57, 57, 57, 57, E8, 8A, F4, FF, FF, 83, C4, 14, 8B, 85, 4C, FF, FF, FF, 53, 6A, 3C, 99, 59, F7, F9, 66, 89...
 

Entropy:
7.2732

Code size:
497 KB (508,928 bytes)

The file youtubefreedownloader.exe has been seen being distributed by the following URL.
