home

flvplayersetup.exe

The application flvplayersetup.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. This is the uninstaller utility registered in the Windows Control Panel for the program FLV Player. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.flvplayerpro.net.
MD5:
9d05ea7bf34585604d687731242a727e

SHA-1:
bc1725409b26cccbae8c8bb1a0c42899de06aedc

SHA-256:
30fd4fb74e48f459ee8f04e9c7d7d59a1749bad736c02218577bc1fdd17d8f90

Scanner detections:
27 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/25/2024 10:09:17 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.InstallCore.U
5892709

Agnitum Outpost
Adtool.InstallCore.Gen.3
7.1.1

AhnLab V3 Security
Adware/Win32.InstallCore
2015.08.22

Avira AntiVirus
ADWARE/InstallCore.Gen
7.11.50.62

Arcabit
Application.InstallCore.U
1.0.0.425

avast!
Win32:InstallCore-AN [PUP]
2014.9-150822

AVG
Adware InstallCore.MO
2015.0.4355

Bitdefender
Application.InstallCore.U
1.0.20.1170

Clam AntiVirus
Adware.Installcore-132
0.98/20817

Comodo Security
ApplicUnwnt.Win32.AdWare.InstallCore.3
14217

Dr.Web
Adware.InstallCore.38
9.0.1.0234

Emsisoft Anti-Malware
Application.InstallCore.U
10.0.0.5366

ESET NOD32
Win32/InstallCore.BP potentially unwanted application
7.0.302.0

F-Secure
Application.InstallCore.U
11.2015-22-08_7

G Data
Application.InstallCore
15.8.25

herdProtect (fuzzy)
variant of uninstall.exe
2015.10.11.3

K7 AntiVirus
Trojan
13.2016972

Malwarebytes
PUP.Optional.InstallCore
v2015.08.22.06

MicroWorld eScan
Application.InstallCore.U
16.0.0.702

NANO AntiVirus
Trojan.Win32.WebToolbar.dmnuxx
0.30.24.3079

Norman
Application.InstallCore.U
04.08.2015 10:30:46

Sophos
Install Core Installer
4.83

Total Defense
Win32/InstallCore!Adware
37.0.10165

Trend Micro House Call
HV_INSTALLCORE_CA2262BC.TOMC
7.2.234

Vba32 AntiVirus
Adware.InstallCore.gen
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
14006

Zillya! Antivirus
Backdoor.PePatch.Win32.38379
2.0.0.2365

File size:
518.8 KB (531,216 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\flvplayersetup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:E9BEenr6nCOAAG7ghC3/PxcSq2atFjEBte4YlfuvID2ISWHcxJ:ErnrSRthEpombYQ3W8xJ

Entry address:
0x109080

Entry point:
60, BE, 00, E0, 48, 00, 8D, BE, 00, 30, F7, FF, C7, 87, 10, B7, 0C, 00, 38, 93, 0B, FF, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
 
[+]

Entropy:
7.8923

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
496 KB (507,904 bytes)

Program Uninstaller
Program name:
FLV Player

Uninstall string:
C:\Program Files\FLVPlayer\Uninstall\Uninstall.exe /Uninstall


The file flvplayersetup.exe has been seen being distributed by the following URL.

http://www.flvplayerpro.net/default/ga/.../?dl=1

Remove flvplayersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.