» flashvideoplayer.exe
Overview
Analysis
File Details

flashvideoplayer.exe

Internet

App Prog

The application flashvideoplayer.exe, “Internet Setup ” has been detected as a potentially unwanted program by 16 anti-malware scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.

File name:

Publisher:

App Prog

Product:

Internet

Description:

Internet Setup

MD5:

1f856a60dc166e1e83fda88d841a4a83

SHA-1:

02324aea0da4f1d21966c1188bdf40787195f219

SHA-256:

10014392af21a7096b90f1cb2775ff897c2a0e06e7af9dc9354bd2806eab097b

Scanner detections:

16 / 68

Status:

Potentially unwanted

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/26/2024 3:58:14 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Parite.A

5813571

avast!

Win32:Parite

160118-1

AVG

Win32/Parite

2015.0.4489

Clam AntiVirus

Heuristics.W32.Parite.B

0.98/21330

Dr.Web

Win32.Parite.1

9.0.1.05190

Emsisoft Anti-Malware

Win32.Parite

10.0.0.5366

ESET NOD32

Win32/Parite.A virus

7.0.302.0

F-Prot

W32/Parite.A

4.6.5.141

F-Secure

Win32.Parite.A

5.15.21

Kaspersky

Virus.Win32.Parite

15.0.0.562

McAfee

Virus.W32/Pate.a

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.213.5053.0

Norman

Win32.Parite.A

03.12.2014 13:20:04

Reason Heuristics

PUP.InstallCore.Bundler (M)

16.2.1.17

Sophos

Virus 'W32/Parite-A'

5.22

VIPRE Antivirus

Threat.46248

46838

File size:

1.1 MB (1,139,456 bytes)

Product version:

4.3

Software web

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\programs\flashvideoplayer.exe

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:TlJrQQt05X2OEXCiNCJ6DD1ok80J9/K2j7Mv8M2+V6IWwWwS:TTClOVN2vTK7Mv8EDhS

Entry address:

0x14000

Entry point:

68, F8, 2A, 80, 00, 58, 68, 1A, 40, 41, 00, 5A, 68, C4, 06, 00, 00, 5E, 31, 04, 32, 4E, 83, EE, 03, 75, F7, 90, 90, 90, 10, 57, 81, 00, F8, 2A, 80, 00, F8, 2A, C0, 00, B8, B6, 80, 00, 60, 80, 8E, 00, F8, 99, 8E, 00, F8, 9A, 82, 00, 07, D5, 7F, FF, 4C, FA, C0, 00, 9C, F8, C0, 00, 84, F8, C0, 00, F8, 2A, 80, 00, F8, 2A, 80, 00, F8, 2A, 80, 00, 4C, B6, 80, 00, 9A, F8, 80, 00, 82, F8, 80, 00, F8, 2A, 80, 00, F8, 2A, 80, 00, F8, 2A, 80, 00, F8, 2A, 80, 00, E4, FB, C0, 00, F8, 2A, 80, 00, F8, 2A, 80, 00, F8, 2A... 
[+]

Entropy:

7.9412 (probably packed)

Code size:

37 KB (37,888 bytes)

Remove flashvideoplayer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.