home

bsplayer_installer.exe

AB Team d. o. o.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from download.softpedia.ro and multiple other hosts.
Publisher:
AB Team d. o. o.  (signed and verified)

MD5:
b271c3e4df67eb90413123c7a279d867

SHA-1:
c61b6938dca8e3c382c8b14ec1ca637ab6b5614f

SHA-256:
43fba2970af984bde6fdec1178d05fd93fbba676d657a9c292edc41a78f040aa

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/27/2024 1:36:59 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.14410

File size:
10 MB (10,510,216 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\bsplayer_installer.exe

Digital Signature
Signed by:
AB Team d. o. o.

Authority:
GlobalSign nv-sa

Valid from:
11/7/2012 7:56:23 PM

Valid to:
1/2/2015 4:31:31 PM

Subject:
E=info@abteam.si, CN=AB Team d. o. o., O=AB Team d. o. o., L=Ljubljana, S=Ljubljana, C=SI

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121F5B096D2BC17224819F6D88085887D85

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:tSOHJKJAlmhbDiw5QnQtxhtHvKA4Wbr3XmDc/1:t5JQTbnH3hBvKoCDct

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9988

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file bsplayer_installer.exe has been discovered within the following programs.

BS.Player FREE  by AB Team, d.o.o.
BS.Player FREE bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.bsplayer.com
28% remove it
jAlbum  by Jalbum AB
Jalbum consists of freeware cross-platform software for managing and creating digital photo galleries, and a free / paid-for photo sharing service on which to publish them.
jalbum.net
4% remove it
 
Powered by Should I Remove It?

The file bsplayer_installer.exe has been seen being distributed by the following 4 URLs.

http://download.softpedia.ro/dl/e918fb3e204bf76ce14dfb81496152ee/51138d50/100107968/software/MULTIMEDIA/.../bsplayer_installer.exe

https://doc-0k-00-docs.googleusercontent.com/docs/securesc/nurnuq9af54trsg6fog66kejlhdij36a/0s7qmi28i1216ghs532e3aj28ako6aqm/1443988800000/.../05874268950890650186/0BzHTFNtiMivTV29HWGhvY2ZSdWs?e=download

http://biblprog.org.ua/go.php?site=http://files2.biblprog.org.ua/soft/B/.../BSPlayer_264.1073.exe

http://www.softango.com/.../65160

Scan bsplayer_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.