home

ace-media-player.exe

Ace Media Player

XetoWare

The application ace-media-player.exe, “Ace Media Player Setup ” by XetoWare has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The installer uses the InstallMonetizer platform which will donwload and install adware toolbars and other potentially unwanted software offers during setup.
Publisher:
XetoWare   (signed by XetoWare)

Product:
Ace Media Player

Description:
Ace Media Player Setup

Version:
2.5

MD5:
8ce9b95542d4284094e09dadbe0d7aee

SHA-1:
cb1b55ca0042d17a3a9b0df1c2957145dd8ee54a

SHA-256:
a40c46a63d3b4d8791706700afe621d787e2dd700fcdd069f42a7ca2d064f269

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.

Analysis date:
4/19/2024 6:18:59 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Downware.11069
9.0.1.05190

ESET NOD32
Win32/InstallMonetizer.AF potentially unwanted application
7.0.302.0

Reason Heuristics
PUP.InstallMonetizer.Bundle (M)
16.3.10.15

File size:
6.7 MB (7,034,464 bytes)

Product version:
2.5

Copyright:
© 2012 XetoWare

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\programs\ace-media-player.exe

Digital Signature
Signed by:
XetoWare

Authority:
COMODO CA Limited

Valid from:
8/19/2012 7:00:00 PM

Valid to:
8/20/2013 6:59:59 PM

Subject:
CN=XetoWare, O=XetoWare, STREET=25 Bourke Street, L=Sydney, S=NSW, PostalCode=2167, C=AU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DC6C15F713EB986754B2F272BFBA66C1

File PE Metadata
Compilation timestamp:
10/9/2012 3:48:22 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:F/bu5q8NeWKddfYBd7vauQGZnkDtpTTJHR:F/buLNAHA7CutZnkDtpTNHR

Entry address:
0xF3BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 64, ED, 40, 00, E8, E8, 71, FF, FF, 33, C0, 55, 68, 89, FA, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 45, FA, 40, 00, 64, FF, 32, 64, 89, 22, A1, 48, 3B, 41, 00, E8, BE, F7, FF, FF, E8, 65, F3, FF, FF, 8D, 55, EC, 33, C0, E8, F7, C3, FF, FF, 8B, 55, EC, B8, 4C, 66, 41, 00, E8, 6A, 58, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 4C, 66, 41, 00, B2, 01...
 
[+]

Entropy:
7.9966

Developed / compiled with:
Microsoft Visual C++

Code size:
59 KB (60,416 bytes)

Remove ace-media-player.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.