bsplayer263-1071.exe

AB Team d. o. o.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is installed with the program BS.Player FREE. The file has been seen being downloaded from download1us.softpedia.com and multiple other hosts.
Publisher:
AB Team d. o. o.  (signed and verified)

MD5:
40fd07318f0212bf82bb1d3ca5f69c3a

SHA-1:
74f98950113c9013ca108aff90d22caa3343c6b7

SHA-256:
1f4937c1edf59397c659130fcfde263463c9d819650a1d4e2d193a3b655276cd

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
10/23/2018 9:26:59 AM UTC

Scan engine:
Rising Antivirus

Detection:
PE:Malware.XPACK/RDM!5.1

Engine version:
23.00.65.131216

File size:
10.1 MB (10,638,576 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\bsplayer263-1071.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
12/2/2010 9:31:37 AM

Valid to:
12/2/2012 9:31:32 AM

Subject:
E=info@abteam.si, CN=AB Team d. o. o., O=AB Team d. o. o., L=Ljubljana, S=Ljubljana, C=SI

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012CA7B08C78

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:DESP7mwYFgPV64JmzQvpFf+bgBaAAOz0HahtHvKA4Wbr53mDmKeA:DbjmwYGPVBUqF+sBaAuahBvKowDmy

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
7.9987

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file bsplayer263-1071.exe has been discovered within the following program.

BS.Player FREE  by AB Team, d.o.o.
BS.Player FREE bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.bsplayer.com
28% remove it
 
Powered by Should I Remove It?

The file bsplayer263-1071.exe has been seen being distributed by the following 14 URLs.

http://download1us.softpedia.com/dl/697ba96715129268eb8fdf9d43dc9dc4/50c8ab4a/100107968/software/multimedia/.../bsplayer263.1071.exe

http://dox.abv.bg/.../DownloadFile?eid=132725485&sha=0&m=

http://download.slunecnice.cz/slunecnice/d5b692eaeb3e100ab27acf63585b0a5f/50e0585d/win/.../bsplayer263-1071.exe

http://download3.bsplayer.com/download_free_bsplayer.php?type=1
