» bsplayer.exe
Overview
Analysis
File Details
Behaviors (4)
Programs (2)
Network (1)

bsplayer.exe

BSPlayer v2.63

AB Team

It runs as a scheduled task under the Windows Task Scheduler.

File name:

bsplayer.exe

Publisher:

AB Team

Product:

BSPlayer v2.63

Description:

BS.Player

Version:

2.6.3.1071

MD5:

eb81bcbd060b08a8d3e3b37866d415e7

SHA-1:

41c42b612fabfa910396f4f5afa91be7ca80c220

SHA-256:

9192e13038953cebd6eb48bd5184b0d75d20cd894244005204d5c589b2b31321

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 10:10:24 AM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Malware.XPACK/RDM!5.1

23.00.65.131219

File size:

1.9 MB (2,035,712 bytes)

Product version:

2.6.3.0

Original file name:

bsplay.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\webteh\bsplayer\bsplayer.exe

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:nIFtteH2elYTaRBacvojixIZHSCysenfsIleT:I7WYuLacvosIZHSCanUIleT

Entry address:

0x64C170

Entry point:

60, BE, 00, 70, 88, 00, 8D, BE, 00, A0, B7, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89... 
[+]

Packer / compiler:

UPX 2.90LZMA]

Code size:

1.8 MB (1,859,584 bytes)

3 Autoplay Handlers

Display name:

BSplayerCDDA

Display name:

BSplayerMusic

Display name:

BSplayerVideo

Scheduled Task

Task name:

{112E3E5C-B2F4-474C-8674-D59A766E025B}

Trigger:

Registration (Runs on registration)

The file bsplayer.exe has been discovered within the following programs.

BS.Player FREE by AB Team, d.o.o.

BS.Player FREE bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).

www.bsplayer.com

28% remove it

BS.Player PRO by Webteh, d.o.o.

BS.Player is a media player for Windows that plays back several types of multimedia files (including AVI, MPEG, Ogg, Matroska, ASF, QuickTime, MP4, WAV, mp3...) and specializes in video and audio playback. BS.Player is by the Slovenian software company Webteh.

29% remove it

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to www.opensubtitles.org (92.240.234.122:80)

Scan bsplayer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.