home

youtube-to-mp3-converter.exe

Free YouTube to MP3 Converter Studio

Soft Integrator Ltd.

The application youtube-to-mp3-converter.exe, “Free YouTube to MP3 Converter Studio Setup ” by Soft Integrator has been detected as a potentially unwanted program by 9 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars. The file has been seen being downloaded from www.maniactools.com and multiple other hosts.
Publisher:
mediaprolab.com   (signed by Soft Integrator Ltd.)

Product:
Free YouTube to MP3 Converter Studio

Description:
Free YouTube to MP3 Converter Studio Setup

MD5:
f18b345b89898bed60d1a16d5439e61c

SHA-1:
511b6ea112b5a0d35f20b73ab7bd519744f1f492

SHA-256:
2b7e8e27c4d5d5a80081df9934f1b01dd5bd223b665871645e7e31c64638bcad

Scanner detections:
9 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
4/19/2024 12:11:05 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.7383

Dr.Web
Adware.Downware.12244
9.0.1.0342

ESET NOD32
Win32/OpenCandy
9.10985

Fortinet FortiGate
Riskware/OpenCandy
12/8/2015

G Data
Win32.Application.OpenCandy
15.12.25

McAfee
Artemis!91663C07011B
5600.6558

Reason Heuristics
PUP.SoftIntegrator.Bundle.Installer.Meta (M)
16.2.24.9

Trend Micro House Call
Suspicious_GEN.F47V1009
7.2.342

Vba32 AntiVirus
BScope.Downware.InstallMonstr
3.12.26.3

File size:
7.3 MB (7,646,064 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\youtube-to-mp3-converter.exe

Digital Signature
Signed by:
Soft Integrator Ltd.

Authority:
COMODO CA Limited

Valid from:
9/18/2012 3:00:00 AM

Valid to:
9/19/2017 2:59:59 AM

Subject:
CN=Soft Integrator Ltd., O=Soft Integrator Ltd., STREET=34-B Predslavinskaya, L=Kyiv, S=Kyiv, PostalCode=03150, C=UA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00940377CC336C213475B843DA476735C9

File PE Metadata
Compilation timestamp:
7/9/2014 10:58:13 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:fASQTzvTqjkAN+T65eHDAGfBZ+5lIZaHw5+k+TOqmudr:0vTSHcm2PQoaHr3C2N

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Entropy:
7.9375

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file youtube-to-mp3-converter.exe has been seen being distributed by the following 9 URLs.

http://www.maniactools.com/soft/.../youtube-to-mp3-converter.exe

http://www.maniactools.com/.../youtube-to-mp3-converter.exe

http://download.cnet.com/.../?appid=75570415

http://indir.gezginler.net/i/17772/.../

https://mail.google.com/mail/u/.../?ui=2&ik=694ad88f37&view=att&th=157432c9bd710953&attid=0.1&disp=safe&realattid=f_ita8jhiw0&zw

http://www.mediaprolab.com/.../youtube-to-mp3-converter.exe

http://free-youtube-to-mp3-converter-studio.software.informer.com/.../

http://download.informer.com/.../youtube-to-mp3-converter.exe

http://www.mediaprolab.com/.../youtube-to-mp3-converter.exe

Remove youtube-to-mp3-converter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.