home

flvplayersetup.exe

The application flvplayersetup.exe has been detected as a potentially unwanted program by 31 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program FoxTab FLV Player. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from aff.foxtab.com.
MD5:
b60f3cd95c4034a9d354b7eba78af64d

SHA-1:
eedca1018534ec0798d87f260be83ed50136730b

Scanner detections:
31 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/26/2024 3:09:57 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.InstallCore.M
1013

Agnitum Outpost
PUA.Agent
7.1.1

AhnLab V3 Security
Adware/Win32.InstallCore
14.04.28

Avira AntiVirus
ADWARE/InstallCore.Gen
7.11.145.120

avast!
Win32:PUP-gen [PUP]
2014.9-140428

Baidu Antivirus
Adware.Win32.InstallCore
4.0.3.14816

Bitdefender
Application.InstallCore.M
1.0.20.590

Clam AntiVirus
W32.Adware.InstallCore
0.98/18355

Comodo Security
ApplicUnwnt.Win32.AdWare.InstallCore.2
19181

Dr.Web
Adware.InstallCore.39
9.0.1.0118

Emsisoft Anti-Malware
Gen:Variant.Graftor.41302
8.14.08.16.09

ESET NOD32
Win32/InstallCore
8.9729

Fortinet FortiGate
Riskware/InstallCore.AAAA
4/28/2014

F-Prot
W32/InstallCore.C.gen
v6.4.7.1.166

F-Secure
Application.InstallCore.M
11.2014-28-04_2

G Data
Application.InstallCore
14.4.24

K7 AntiVirus
Adware
13.183.13043

Malwarebytes
Adware.Installcore
v2014.04.28.12

MicroWorld eScan
Application.InstallCore.M
15.0.0.354

NANO AntiVirus
Trojan.Win32.InstallCore.rqzir
0.28.0.59492

Norman
InstallCore.ESKQ
11.20140428

nProtect
Trojan-Clicker/W32.Agent.1098632
14.08.13.01

Panda Antivirus
PUP/MultiToolbar.A
14.04.28.12

Reason Heuristics
Threat.Win.Reputation.IMP
14.8.16.21

Rising Antivirus
PE:Malware.Graftor!6.870
23.00.65.14426

Sophos
Install Core Installer
4.98

SUPERAntiSpyware
Adware.InstallCore
10639

Total Defense
Win32/InstallCore!Adware
37.0.10903

Trend Micro House Call
HV_INSTALLCORE_CA220296.TOMC
7.2.228

Vba32 AntiVirus
Adware.InstallCore.gen
3.12.26.0

VIPRE Antivirus
Trojan.Win32.Generic
28648

File size:
1 MB (1,096,072 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\flvplayersetup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:psSXtCK7/VosCFgtcheW0Nsr6nk8QARTDGM85:CitCItoVFgaheW0l7QARTDGM8

Entry address:
0xC1B06

Entry point:
55, 8B, EC, 83, C4, F0, B8, F1, A4, 4A, 00, E8, A8, E6, FF, FF, 58, BA, 27, 1C, CB, 66, 1B, 4B, B9, 15, 57, F3, 91, 4C, 08, A1, FD, 1C, E2, 9B, D9, 8F, C6, 3C, 9B, 84, 63, 61, B0, 09, 75, DB, 61, 97, 68, AF, 3B, CE, 61, 8B, 24, 83, 04, CC, 84, 46, 7F, EB, 35, B7, A7, 34, 1E, 4D, 32, 12, AC, 58, 55, 72, 94, 75, 60, E9, 82, BB, 17, A0, AF, 45, D5, 3E, 7B, F6, D1, 60, 83, 93, FC, 39, DB, 84, 5F, 75, 53, EE, E5, 86, F8, ED, 00, E6, 41, 14, 94, FB, 89, 8B, 12, AF, CF, 75, AF, D6, D9, 58, 25, 08, 36, D1, 6D, 83...
 
[+]

Entropy:
6.7693

Developed / compiled with:
Microsoft Visual C++

Code size:
786 KB (804,864 bytes)

Program Uninstaller
Program name:
FoxTab FLV Player

Uninstall string:
C:\Program Files\FoxTabFLVPlayer\Uninstall\Uninstall.exe /Uninstall


The file flvplayersetup.exe has been seen being distributed by the following URL.

http://aff.foxtab.com/flvplayer/amkt/.../?dl=1&lp=flvadv0&pub_id=2271&ce_cid=009fEjHfmCX73bon7E3Zdu4iDN000000

Remove flvplayersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.