» bsplayer269.1079.exe
Overview
Analysis
File Details
Downloads (100)

bsplayer269.1079.exe

AB Team d. o. o.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from ftp-stahuj.centrum.cz and multiple other hosts.

File name:

Publisher:

AB Team d. o. o. (signed and verified)

MD5:

644b576a23877bb6dfc5883e23faecd2

SHA-1:

b6871cb00b78e42a13803430a5f38a46f362e8f7

SHA-256:

01ba7045a10ccf04cb97b3e012b51c8490c2d85d3981be6fca9c3b5573114f63

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/19/2024 10:28:11 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.Conduit

4.0.3.15418

File size:

10.1 MB (10,554,352 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\bsplayer269.1079.exe

Digital Signature

Signed by:

AB Team d. o. o.

Authority:

GlobalSign nv-sa

Valid from:

12/19/2014 11:55:18 AM

Valid to:

2/1/2018 4:31:31 PM

Subject:

E=info@abteam.si, CN=AB Team d. o. o., O=AB Team d. o. o., L=Ljubljana, S=Ljubljana, C=SI

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121492992F9EE4E18A0D148271B355BB70B

File PE Metadata

Compilation timestamp:

12/6/2009 12:50:52 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:5y5+S2SmCi/ZF3TPDYsEr4Jw9biCDC5QEIuoGkLqk3ChtHvKboRWoIQo5zS:gQ1j/ZZMsEgw9bGXFoG0H3ChBvKboRbn

Entry address:

0x30FA

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.9987

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file bsplayer269.1079.exe has been seen being distributed by the following 50 URLs.

http://ftp-stahuj.centrum.cz/dl/6d5f8eccfc1c7058eab5ba662886bd43/565201f0/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://download7.bsplayer.com/download_free_bsplayer.php?type=10

http://esd.element5.com/affiliate.html?affiliateid=70900&publisherid=200115537&target=http://download.softpedia.com/dl/9db7f6855efd4cc3e69c815814237506/55afc96e/100107968/software/multimedia/.../bsplayer269.1079.exe

http://bsplayer.he.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flqiKpp-fmZc=

http://www.shareit.com/affiliate.html?_esd=1&affiliateid=70900&publisherid=200115537&target=http://download.softpedia.com/dl/6594a3b22d800b6b69676204399db02a/56002f6c/100107968/software/multimedia/.../bsplayer269.1079.exe

http://dw.en.uptodown.com/dl/1443544397/.../bsplayer-2-69-1079-multi-win.exe

blob:http://sd-web.softonic.com/f54f5c38-c40e-4c52-8ab1-37e3c1884242

http://ftp-stahuj.centrum.cz/dl/99be85dd0e0ce6e475a7b5963341c42e/567d9257/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://ftp-stahuj.centrum.cz/dl/160117345bf2d7759d958d5529033bdf/567f3b93/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://www.filehorse.com/download/file/.../

http://dlm.bsplayer.com/bsplayer_installer.exe

http://www.slunecnice.cz/sw/bsplayer/stahnout/8352/.../?md5=LxvgXZA2f6xVqxmmh-yEIg&expires=1436656220

http://ftp-stahuj.centrum.cz/dl/e419e538ab5873b5fe8a839f1d256a2a/56423ea1/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://www.slunecnice.cz/sw/bsplayer/stahnout/8352/.../?md5=cazkwLiuHS8MqPUtnCQHSQ&expires=1444330037

https://dw.uptodown.com/dwn/E70qoLybvw316obDoasGzIzQValMQqY0kECdQ25IHuBgRUAxlYH-goNEqCQTqy7rsLNUvvJc7xcnfTBLDWDJcnmR0Iy0s65OI1yRPkgiBRDyOw1szDstN3WwXsqWOfgo/p4tQplMZO7d1s7v6yrLuV8ia1cjO13NHbi0K-hfuWL0tUIL15iyTrL_W_nekjenGEYzk0HM2Dew_Jbt38wCSMrJb46M-fybqseGP7k0dEgdV9ik-M2D-1QcXTRwm_JHK/Sme22n_b9z4uBlEdet8JsZJL60de2B9PIWMocxexkmx3peqESwy6JK6JoX6Vmg8GnRgVLJD_ZrzWVMCmVoTL2Sqzx1EY8-S57d5MRf2ZyFfUmGAMbLli9mUQFqunLIP9/.../

http://www.bsplayer.com/bsplayer-setup.exe

http://ftp-stahuj.centrum.cz/dl/bbf3288926e730c1b52197465188889c/5623cede/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://ftp-stahuj.centrum.cz/dl/9fdd86d88111d5370230e10f04284204/564e103b/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://esd.element5.com/affiliate.html?affiliateid=70900&publisherid=200115537&target=http://download.softpedia.com/dl/fd10b431e6f917b5205e3f11500c52bf/556f59ff/100107968/software/multimedia/.../bsplayer269.1079.exe

http://www.filehorse.com/download/file/.../

http://www.tamindir.com/indir/MjAxNS0wNy0xNiAyMjo0MTowNA==/bsplayer/.../2.69.1079

http://static.download.pcformat.pl/files/b/f/3/.../bsplayer269.1079.exe

http://ftp-stahuj.centrum.cz/dl/fbbcec7907d10af58ecc09d8fad01f84/559ab8a4/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://www.slunecnice.cz/sw/bsplayer/stahnout/8352/.../?md5=FnJXdTV4tZTthErAbx6KTQ&expires=1444323483

http://dw.en.uptodown.com/dl/1444428721/.../bsplayer-2-69-1079-multi-win.exe

http://ftp-stahuj.centrum.cz/dl/854d8dd906fe0e0f52757a13968e4eaf/55ab8ea9/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://ftp-stahuj.centrum.cz/dl/31e8d6dbb2915afc02b93562e33d98c4/569b38b8/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://bsplayer.bg.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flqeQpJyimJc=

http://ftp-stahuj.centrum.cz/dl/4c77a4b03effcbd7e838046dd8ba84c0/55d06a16/stahuj/download/software/secured/b/bsplayer/269/.../bsplayer269-1079.exe

http://esd.element5.com/affiliate.html?affiliateid=70900&publisherid=200115537&target=http://download.softpedia.com/dl/e5f6766d9e14b08d1d63c179da4e6a25/55506a4c/100107968/software/multimedia/.../bsplayer269.1079.exe

Latest 30 of 100 download URLs

Scan bsplayer269.1079.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.