home

desktoplayer.exe

люзанх

SOFTWIN S.R.L.

The executable desktoplayer.exe, “BitDefender Management Console” has been detected as malware by 40 anti-virus scanners. According to the AV engines that detect this, it is a detection for a file infected by members of the Win32/Ramnit malware family and may drop and load other malware.
Publisher:
SOFTWIN S.R.L.

Product:
люзанх

Description:
BitDefender Management Console

Version:
106.42.73.61

MD5:
d5603bad3f0e162b6487c8cd6fa42c7e

SHA-1:
a3cf173f30423e03911a2444ec08741796befb89

SHA-256:
492af54c815cc8cedd1538ab6677de0784e7b1153f9bdcbc5f131983a7fe5110

Scanner detections:
40 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/19/2024 10:43:00 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.7490575
922

Agnitum Outpost
Win32.Ramnit.Gen.3
7.1.1

AhnLab V3 Security
Win32/Ramnit.B
2014.07.28

Avira AntiVirus
W32/Ramnit.A
7.11.30.172

avast!
Win32:RmnDrp
140617-1

AVG
Trojan horse PSW.Generic10.BQRV
2014.0.3986

Baidu Antivirus
Virus.Win32.Nimnul.$a
4.0.3.14728

Bitdefender
Trojan.Generic.7490575
1.0.20.1045

Bkav FE
W32.RammitNNA.PE
1.3.0.4959

Clam AntiVirus
W32.Ramnit-1
0.98/19185

Comodo Security
Packed.Win32.MUPX.Gen
18997

Dr.Web
Win32.Rmnet
9.0.1.05190

Emsisoft Anti-Malware
Trojan.Generic.7490575
8.14.07.28.04

ESET NOD32
Win32/Ramnit.A virus
7.0.302.0

Fortinet FortiGate
W32/Ramnit.C
7/28/2014

F-Prot
W32/Ramnit.B
4.6.5.141

F-Secure
Trojan.Generic.7490575
11.2014-28-07_2

G Data
Trojan.Generic.7490575
14.7.24

IKARUS anti.virus
Packed.Win32.Krap
t3scan.1.6.1.0

K7 AntiVirus
Virus
13.181.12846

Kaspersky
Virus.Win32.Nimnul
15.0.0.494

Malwarebytes
Malware.Packer
v2014.07.28.04

McAfee
PWS-Zbot.gen.pq
5600.7056

Microsoft Security Essentials
Threat.Undefined
1.179.1326.0

MicroWorld eScan
Trojan.Generic.7490575
15.0.0.627

NANO AntiVirus
Virus.Win32.Nimnul.bpchjo
0.28.2.60990

Norman
Krap.XK
11.20140728

nProtect
Trojan/W32.Krap.114176.FE
14.07.27.01

Panda Antivirus
W32/Cosmu.gen
14.07.28.04

Qihoo 360 Security
Virus.Win32.Ramnit.B
1.0.0.1015

Quick Heal
W32.Ramnit.A
7.14.14.00

Rising Antivirus
PE:Junk.Win32.Agent.ar!1075354775
23.00.65.14726

Sophos
W32/Patched-I
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Falleg
10457

Total Defense
Win32/Ramnit.A
37.0.11085

Trend Micro House Call
PE_RAMNIT.H
7.2.209

Trend Micro
PE_RAMNIT.H
10.465.28

Vba32 AntiVirus
Virus.Win32.Nimnul.a
3.12.26.3

VIPRE Antivirus
Threat.4726519
31208

ViRobot
Win32.Ramnit.E
2011.4.7.4223

File size:
111.5 KB (114,176 bytes)

Product version:
106.42.73.61

Copyright:
2528-6142

Original file name:
nedwp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\microsoft\desktoplayer.exe

File PE Metadata
Compilation timestamp:
2/12/2008 12:02:20 PM

OS version:
10.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.4

CTPH (ssdeep):
3072:TROzoTq0+RO7IwnYHBM9jL94+s/w8E3hMsLZ:1kdNwB0BM9je/w8ExMs

Entry address:
0x2E000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 8B, C5, 81, ED, 32, 6F, 01, 20, 2B, 85, 50, 72, 01, 20, 89, 85, 4C, 72, 01, 20, B0, 00, 86, 85, 9E, 74, 01, 20, 3C, 01, 0F, 85, DE, 02, 00, 00, 8B, 85, 4C, 72, 01, 20, 2B, 85, 58, 72, 01, 20, 8B, 00, 89, 85, EA, 73, 01, 20, 8B, 85, 4C, 72, 01, 20, 2B, 85, 5C, 72, 01, 20, 8B, 00, 89, 85, F2, 73, 01, 20, 83, BD, F2, 73, 01, 20, 00, 0F, 84, A9, 02, 00, 00, 83, BD, EA, 73, 01, 20, 00, 0F, 84, 9C, 02, 00, 00, 8D, 85, 8D, 74, 01, 20, 50, FF, 95, EA, 73, 01, 20, 83, F8, 00, 0F, 84, 86...
 
[+]

Packer / compiler:
ASPack v1.08.04

Code size:
56 KB (57,344 bytes)

Remove desktoplayer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.