» avs media player.exe
Overview
Analysis
File Details
Downloads (1)

avs media player.exe

avs-media-player

Solimba Aplicaciones S.L.

This is the Solimba installer program that will bundle additional offers mostly including adware and various unwanted PC utilities. The application avs media player.exe by Solimba Aplicaciones S.L has been detected as adware by 21 anti-malware scanners. The program is a setup application that uses the Solimba DownloadMR installer. During install, it bundles potentially unwanted software on a user's computer at the same time without adequate consent. The file has been seen being downloaded from dh23ln0908oyi.cloudfront.net.

File name:

Publisher:

Solimba Aplicaciones S.L. (signed and verified)

Product:

avs-media-player

Version:

2.2.46.0

MD5:

009836ae2ffe3bd3251195b7e7469fe2

SHA-1:

787169f4f461e1a53c9d073e313cc1a2c49171f3

SHA-256:

8ed0895c09203e48d70eb9c8d946d626254c16fb10e1612a28c2192fe3da8fb5

Scanner detections:

21 / 68

Status:

Adware

Explanation:

May bundle additional potentially unwanted software such as adware during setup.

Description:

This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:

5/10/2024 4:15:03 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

APPL/Solimba.Gen

7.11.55.48

avast!

Win32:PUP-gen [PUP]

2014.9-140901

AVG

AdInstaller.Q

2015.0.3364

Bitdefender

Gen:Variant.Adware.Solimba.1

1.0.20.1220

Clam AntiVirus

WIN.Adware.Solimba-3

0.98/18355

Comodo Security

Application.Win32.Solimba.K

18137

Dr.Web

Adware.Downware.728

9.0.1.0244

Emsisoft Anti-Malware

Riskware.Win32.Wrapper.Solimba.AMN

8.14.09.01.09

ESET NOD32

MSIL/Solimba

8.7845

Fortinet FortiGate

Adware/Fam.NB

9/1/2014

G Data

Gen:Variant.Adware.Solimba

14.9.22

K7 AntiVirus

Unwanted-Program

13.176.11806

Malwarebytes

PUP.BundleInstaller.SOL

v2014.09.01.09

McAfee

Artemis!EBB0DCA8D356

5600.7020

MicroWorld eScan

Gen:Variant.Adware.Solimba.1

15.0.0.732

Reason Heuristics

PUP.SolimbaAplicacionesSL.Q

14.9.1.21

Sophos

Solimba Installer

4.84

SUPERAntiSpyware

Trojan.Agent/Gen-Solimba

10385

Trend Micro House Call

TROJ_GEN.RCBH1LT

7.2.244

Vba32 AntiVirus

Downware.Morstar

3.12.26.0

VIPRE Antivirus

Trojan.Win32.Generic

14758

File size:

172.7 KB (176,800 bytes)

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Solimba DownloadMR

Common path:

C:\users\{user}\downloads\avs media player.exe

Digital Signature

Signed by:

Solimba Aplicaciones S.L.

Authority:

VeriSign, Inc.

Valid from:

5/15/2011 8:00:00 PM

Valid to:

5/15/2013 7:59:59 PM

Subject:

CN=Solimba Aplicaciones S.L., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Solimba Aplicaciones S.L., L=Badalona, S=Barcelona, C=ES

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

450EE582E26020D5F7632F2BECC6C5BD

File PE Metadata

Compilation timestamp:

8/30/2011 11:46:24 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.21

CTPH (ssdeep):

3072:9nOn7t7XpdpCCTg/sxFgJDZRiYCXMfb9W6MLcnULJyYs3JYGJkm3D:9KpdcCrTqzGwRlYuZYpmz

Entry address:

0x4327

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 83, 42, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 84, 42, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 84, 42, 00, 56, A3, 40, 6B, 42, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8D, 3B, 00, 00, A3, 9C, 6B, 42, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 01, B3, 40, 00, FF, 15, AC, 84, 42, 00, 83, EC, 14, C7, 44, 24, 04, 02, B3, 40, 00, C7... 
[+]

Entropy:

7.5118

Code size:

34.5 KB (35,328 bytes)

The file avs media player.exe has been seen being distributed by the following URL.

http://dh23ln0908oyi.cloudfront.net/n/2.2.46/.../avs media player.exe

Remove avs media player.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.