» BlitzMediaPlayerBrowser.exe
Overview
Analysis
File Details
Programs (1)
Network (3)

BlitzMediaPlayerBrowser.exe

BlitzMediaPlayerBrowser

The BlitzMediaPlayer is an adware program that is desigend to provide a 'free' media player (which is just a wrap of a number of open source components) but also will monitor a user's web browser activity and display out of browser context advertisements and malvertisements based on such activity in order to get the user to download bundled adware distributions from (DomalIQ, AirInstaller and others). The application BlitzMediaPlayerBrowser.exe has been detected as adware by 2 anti-malware scanners. This file is typically installed with the program Blitz Media Player - a modern video player by Jenkat Media Inc. which is a potentially unwanted software program.

File name:

Product:

BlitzMediaPlayerBrowser

Version:

1.0.11.0

MD5:

f4682c6dad2840869c4606d884c77b3c

SHA-1:

e63920f0c43b4871b428d06bc7e11b5fcee35b84

SHA-256:

e2c6aeebb7c5a10e4b08d70e8000f65355f0759e3fcd8def4dba0f3fc6f13035

Scanner detections:

2 / 68

Status:

Adware

Analysis date:

4/23/2024 5:08:05 AM UTC (today)

Scan engine

Detection

Engine version

Boost by Reason

Optional.X

188838

Reason Heuristics

PUP.BlitzMedia.X

14.5.8.0

File size:

830.5 KB (850,432 bytes)

Product version:

1.0.11.0

Original file name:

BlitzMediaPlayerBrowser.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\blitzmediaplayer\blitzmediaplayerbrowser.exe

File PE Metadata

Compilation timestamp:

10/29/2013 3:44:52 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:iyNdbBbuT3suI8a3gcInMcROp3Pp223CtBRcpWPp2Q:zB3lcRMp223CvR9p2

Entry address:

0x767BA

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 78, A6, 05, 80, 10, 00, 00, 00, 0E, A7, 05, 80, 18, 00, 00, 00, 52, AA, 05, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

3.3523

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

466 KB (477,184 bytes)

The file BlitzMediaPlayerBrowser.exe has been discovered within the following program.

Blitz Media Player - a modern video player by Jenkat Media Inc.

This is a potentially unwanted ad-support media player that will popup advertisements.

blitzmediaplayer.com

87% remove it

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to ec2-54-235-107-24.compute-1.amazonaws.com (54.235.107.24:80)

TCP (HTTP):

Connects to ec2-54-208-92-161.compute-1.amazonaws.com (54.208.92.161:80)

TCP (HTTP SSL):

Connects to ec2-23-21-77-56.compute-1.amazonaws.com (23.21.77.56:443)

Remove BlitzMediaPlayerBrowser.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.