» gomplayerglobalsetup.exe
Overview
Analysis
File Details
Downloads (108)

gomplayerglobalsetup.exe

GOM Player

GRETECH

The application gomplayerglobalsetup.exe, “GOM Player Setup File” by GRETECH has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

Publisher:

Gretech Corporation (signed by GRETECH)

Product:

GOM Player

Description:

GOM Player Setup File

Version:

2.3

MD5:

caddceafcc0ec0468b3c2e01392c3f6d

SHA-1:

96b504f7897519b748a4322e60ceeef43fb437fb

SHA-256:

60e831a3972af06bd9c95b90d8eef6aad9282b0462718044f48a2bd6d09c485a

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/27/2024 2:22:55 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.GRETECH.GretechC.Installer.Meta (L)

16.6.10.10

File size:

27 MB (28,310,008 bytes)

Product version:

2.3.3.5254

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\gomplayerglobalsetup.exe

Digital Signature

Signed by:

GRETECH

Authority:

Symantec Corporation

Valid from:

12/21/2015 8:00:00 AM

Valid to:

6/17/2017 7:59:59 AM

Subject:

CN=GRETECH, O=GRETECH, L=Gangnam-gu, S=Seoul, C=KR

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

59B4F88AACBE29B5C1AE3340C2C0F244

File PE Metadata

Compilation timestamp:

4/4/2016 4:19:52 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

786432:2NdBFxviOMlu1ECBQe4GkVsixXNDwI1Opi:2NB5iOv134XbxXNDwG

Entry address:

0x33B6

Entry point:

81, EC, D4, 02, 00, 00, 53, 56, 57, 6A, 20, 5F, 33, DB, 68, 01, 80, 00, 00, 89, 5C, 24, 14, C7, 44, 24, 10, 30, A2, 40, 00, 89, 5C, 24, 1C, FF, 15, B4, 80, 40, 00, FF, 15, B0, 80, 40, 00, 66, 3D, 06, 00, 74, 11, 53, E8, 67, 31, 00, 00, 3B, C3, 74, 07, 68, 00, 0C, 00, 00, FF, D0, BE, B8, 82, 40, 00, 56, E8, E1, 30, 00, 00, 56, FF, 15, 5C, 81, 40, 00, 8D, 74, 06, 01, 80, 3E, 00, 75, EA, 55, 6A, 09, E8, 39, 31, 00, 00, 6A, 07, E8, 32, 31, 00, 00, A3, 44, 02, 47, 00, FF, 15, 3C, 80, 40, 00, 53, FF, 15, A4, 82... 
[+]

Entropy:

7.9998 (probably packed)

Code size:

24.5 KB (25,088 bytes)

The file gomplayerglobalsetup.exe has been seen being distributed by the following 50 URLs.

https://dw.uptodown.com/dwn/Ir92QNwyK737Wu19ebpXyZdk7e_ZDB9iXNvETNSX0n4yZ8uK0kpmX3VQi_yF3AHhQ3R1Ff7rK3XYRtTRxIX7IHUo1-YTHtmlasnK22RbNMKrL61n7Glc3JPK7aYLOdj8/4gmbrDLdbiekFy60xFj0AsG7ZO9-vs2T_uCuxeTPeAZtqZlJOuNGoGAFfh3LNF2wKb2J6y1aVj5BMHzaWx1RbRIu5jE5pVbe8-pPf4-AEwaU_k9tDJ4NuWEYzUcobw5Y/ADKGLKBJY91TfikrIhAxEYithVu1Zb1I5uDB1ZI1jGsZnDJXks_sm0TQ_lYFVelL0ZVszO-VvXvPRSqsaYRbMYSswL7zNmZSTLQjaMIHi6XbHlhF6mbaCxJpaBbWfcdA/.../

https://dw.uptodown.com/dwn/fY-JGw0mBKeS3cF-iaBtuoxnv9g7KmdgSmG6s7EyJN6T5a9UEcbD3z4u3W5WRjeK7MXgPXl0QqNUvDmuc5a3Y5CM0KH27w2QuoPpAf5EAoGIQU1K4bPv1XFdmuCG6VsW/nef2rrE0k5JMNt3W0V3qSLBVjOy-qh7T-SS5z3GcPZseS7SUJ9aFPQfQ2BulPIW11eU7eFRhXuAdirXvtrrqnGBkvbybGMSmP1QjB_wPY8CG6iNhrFmAImvivBuemrYL/Lh2O3RmPxSjTfHYUI9lxPvbJpYOv70T-h_2ruuCDxSQz87dA11kklAI9l10Cnrpt72tvMykhcqZr3EzGSTjevtp23UwYafS2WbwLn3T2Y_gDmgM4Mben2U4hy2p8VMrq/.../

https://dw.uptodown.com/dwn/IK7q-hcGwvjX7id811gO8gOZCCP44dW-wyNb0OckcuZLh5tlkVECHptIfWyLrNNj0cp_CNd8qdd46RXmO_6cmfmAguXRpO5zYgziRqPyV_WmxvQnz_YzwYK6KMLgyPUa/hbCHTX3TiMvmF8tUEWXt9PDQD1ID33zrkifwJ3LApl2uZc2JKti30Jit56HFaXJEz1IquCjwbc8JvDNiDRm_eu_ElZXRW256d1LnqTTP24NvAqoKdp19DjQ0n6N6j_0F/Fbu5GxDUx7Tz92lCSIooAiUha75SrV6K7jbhlAEIcSWPis6zPVUZj-2l1mrxPrjjV4vLGAZSC3Uu7uWvAf_fY3N7kQYX8zl4rh-8ZKVsQYzehjqk3G2Lco2wkGdVr2nm/.../

https://dw.uptodown.com/dwn/WVSdtr_k1hbmh87IVplkgVmMAc4sPu9giCQbu121ng8-72GLfvtwNKuiiyAzDn-3QrHm1rcz51fOGgMWsv8oaeX-T_sIb7I3YsWb6hz3-cZDUXuw5GUlHTufa5UvdDT-/qCMmJmJ8lwZLhLoQ4Ts7-3rFGOr8Rd9SlAcquvcUVMOU5qjuF9iJ8hQbtuD6wssvNgaAHMEGBHoW5Oj2NPqG5lJpSR7C0Zumo5k1O3omMnGdiAXneL4ctdFTu5EVmD6g/kWPbpOwiNKzQ_wlKN3dFDzu2l4sN60nICJGsaQnDj9wDMMdAfh2CX92IZbk4AKjBEULEqoji80Aj6dCjZDZxr2o9Ba_F99jyC8eJfdNqPwm_UwuDtkBzJr3t3VPD_umg/.../

http://ftp-stahuj.centrum.cz/dl/724aca145e6b65e1c3a141d35c31a00e/577a7a23/stahuj/download/software/secured/g/gom-player/.../GOMPLAYERGLOBALSETUP.EXE

https://dw.uptodown.com/dwn/wyCOPjRqJd-oOPcLHpGy8hmnNO2i1ssmzEjTc6zdzyo2RWbVos5KajMOVhMXdm4wDrdxbxEprKQincaIXVYXdMCrJOY71uaZp_Y4-GS68NBRbJLA-7T0hQBkq-bVujto/QkrPsKJ_K0XWAOGoJo8RlU4Ua-njddvAxr08jtKtx4QaCIOZyQTd2TJs-dOo728gu-wHRomFbplSgPRRB4Mey0acu4aulrOBQEEhTzsQqb0M1lgZCpWYLmMGu0HU9iIe/.../

http://indir.gezginler.net/i/34200/.../

http://cdn2.mydown.yesky.com/soft/.../GOMPLAYERGLOBALSETUP_2.3.3.5254.EXE

http://ec.ccm2.net/ccm.net/download/.../GOMPLAYERGLOBALSETUP-2.3.2.5251.EXE

http://besplatnye-programmy.com/.../download.php?id=1603

http://ftp-stahuj.centrum.cz/dl/4c4fe84b250ba80e74cd826f1b04df65/576fb676/stahuj/download/software/secured/g/gom-player/.../GOMPLAYERGLOBALSETUP.EXE

https://dw.uptodown.com/dwn/oUjyShVDxNivbVcDO1T4DKVtYfAwiDtjtLvr4DpbBfzwPNhEpTXuoTOwY7ktUZU-Vx071GjUg8uHHNxSvsM_CCN80J3KjpGWLYxwpmjqDQPgaQ93gmHbBKFT_NbVw5By/baDOm0ESTMNzCSFcZ2Kw21ujfvGwQX1zIJEInR3MT9DEO2npvJ14lnRPDAVfMkW6ewgc6DIPjOZVk2nemQlApflcRtCD3aqCs5e8CAanniESUsoDIjDDMYWJIQrNU7Ve/Hg0FYIOM4TZ2-lf6yDnDSJtGAVGPLBdc7J8KA8aRuAggcXTM02L8oFwrTGvl8embRBEczYPJgU-D8F22ZaFY0ApCHAFqW-bs9bN4Ztpo2HbrBXePb1KNiO4o1V5RyCkB/.../

http://indir.gezginler.net/i/34200/.../

http://dw.uptodown.com/dwn/FJ_DDFpd8Hx8c3k3e2f6qGYyOUvWF3dI9AZ5ClNfm2tgtbAD_b5Vs-SxO8XTBhdt4W96yzJ7z8L4UeJMAVu6G0dRf05U1wRs7d0WblJE83fudzCefr0CWW3tlqPoCqXO/rQGfy0xuHNymhEbvbKCvZPmxB7WatzMts7qqm_XOvkDwTOeA58Vik4DwLTDRrXEeArNCx1c-KCjsT8wAih_Niub7Mkbm0s5lHWUcrSKvyX8zTmEG3n8OJXwmEfV4RhrP/.../

http://data2.mujsoubor.cz/downloadFile.php?n=Z29tLXBsYXllcl8yLjMuMy41MjU0LkVYRQ==&s=05c9p58c6ffg6mp5barr4ot856&r=532c9aa90f3b997ba0f691b0eb527a8e

https://dw.uptodown.com/dwn/4NA1VjGtulOglZPnLLRzwcEycICtG7o96tJFa8xi5pDgj8LcjrCcIiGZjfhH87fdxQKz05yqPRS0tpfIBL7mRtRWYl9vi4fG-g3N3bMvsKp4bSNc4ghNDNKuVhTSvx9k/WRwWzn0Z03ybJSxJ_IFDdehvT-1lB1bfx6C6q3dt0gLO9eHOYQUGN5nOG3RPEAVFnf83_9qDEzIVOCJ0phVreui6jq83bHq2cjrDpbvBrt9c0csMUlX9Vl_Oz_xtSRCr/.../

http://dw.uptodown.com/dwn/7227NMwukphnfEmboQhrtSDXzxvi_S-RjDXRAEhqtHRK3gxcREiA0VEi19SUA0P0hD8R9GNtHIKvNWdLgCYta1QEWvs9xaDqFFLnxcVTXz9UqKMFbqwuZoPEXbQ1Gyoi/V-Ra_dB-_eqV6jZ4J7WvEVTD9BsIblbLAz3NpyzJGTP0ezn7wpZ0XBXqoVTN1Mq6sOLo7yXGMq8ny5crKMsndaCU3rPsrWqPWEdoOi3VajUeZ7hROhRkt7iN94pAVcXk/.../

http://dw.uptodown.com/dwn/AE-D82qO4gxikeBCg-pdvUPj86OBGr76tDt-Aunfs5ZIpK_2LoogyU7ZQACAfLWaP3elYU36-VTLcaoJqKm6rz3MQrSwkbG7Tuq6oqnk1HHcSLdTcn7IriAJ8px2s6IV/y8RsXpyDfiWRMssK2UQZGJSXXF0cTA9kSwYv9qffDs7f3B62h-3--IKo8lubeni9g3ziCV4_xEdFyiR_lU7PRvAfVSCTsF-zWrzzX3CE65YSNMqg6i6-CrPuMruTxR71/.../

https://dw.uptodown.com/dwn/vsvO2vzXPJNgRn0FNqQhKBwoDHF5yq2EsIVJmgvrHeO9L-rkMXKTe-xsAZbM-SGeG1G6-MFxTYavy6ugY2Tp_WJs2yiSjLf3IW9U36_3RNq0ZtujoBNPMnrJy80u_h9a/9M7NXPF2pPesawf2l8b2HJmmRvkg9HiA0cVrOfkIRZ-kDZpIG7ghaL1Y9ftGlNY4oCTmQLQovPTX3rz85yPLj8aY0IbCp54nqPs7vexIbxcKU7j41v8Fnofd8Q37f4bs/PXQEyp_6jrI0fn3qGKl2TbRmdwARvlj2WXw8_Qz7kAmkuSCE1qy_zo6qQynb_d2Ue4sWkDdyUYPMZ2t3JSSAcFgLkwGqueCMn0FhNHG_Q_mLYgCvnXhGjt--yqv8sul9/.../

http://dw.uptodown.com/dwn/L6In_nnmmbKTe8ANo-pOWu81bSoCYg9IsOjSTlG8Y6hAmB5Lq5h65xzfQJneI77jlUb4D1dAyrUd1aVcb6O6AadfKULpKulRQeRnqQaA4Pw9y9WSLgpIDXlk1HlwShG6/PrjWzTVV6meO8ovHpQz6RsCoqew9jq583BaikvijFS7VvELWfa1W-P_yDcqrYfaPkoYg5L0S_LRXe0yYShrUQtPgqH1uvqKqRW_T-OQYqBLyUuj9TxkHZJHKTLTy1hJd/.../

https://dw.uptodown.com/dwn/5upQPl9FxbWDi-gyMlRc0P-XeIJJXHcpJfT0SoRvb4138VGWGnTOB_yUefw1P_fWF7nS5FwsF10SyhGclECbjrIq-tkvSIyz5C1qWSynhsjyHr3uw6m6pMJy3YS151tu/e33OOiaqfu1wVzmysgh7WWbG_ea1qOFwEgfvFkgh7OTtHsMiTBBbKtDt5jsbwrq1eb3LGn2sPF1JtpgNfsEFONbvxj9-jPaCOfvhU2YPLb7g5Q_OmlUnkQ-_999om-gI/.../

http://indir.gezginler.net/i/34200/.../

https://dw.uptodown.com/dwn/hrefOXNurhK-gFynZkPZJjb_mkLJMwAlQ08DAVG3nZpUlwy6zwZbtnXTSn7TYYB_MpVztZgmPufShf-Uw94obaU_fbJAOPawyZaBn8vmGsMtvdQLHE6bLzGTALuUijW3/xa3krcS_zTWrIqgEPR-behj1LddUuBcqaTn68HzA_XWwZLgfPW9RqaGj9aMEd_UuWzKQ6mcci5HLU8T1KWC8MQEYYfTqwDvVWig_CvrEWdFPjkL5FJnbrwoLl5XGAo5Y/0PJjCoy8Wz1OLfssf03PxjKeejYzqVn_8ZrmIdnqvT6RiXCL7lk_ITCgybEvAWlL_R_1v15o2d4Ney1kxwBvBqGGIwD-7Tkk4jxrT5g-uoDHHiZbQElutckeo8nU6kBx/.../

http://indir.gezginler.net/i/34200/.../

https://dw.uptodown.com/dwn/An6J08h94GTRyTEeufxQ0di8ZQ8pY9Aeqq13AGy6nNh6m4bikANGTTKKTS3JdBhsbdjklNn2jaJGbQukLbKGGwBikij9ptTCsI5JQIMzPQa0ONWOsl3X7nj_QqqX7Qy3/zV-VVBEljG_PN18WEl9Zz3fik5SdtzN5xWBix20ZXetpWSl1yAQ3l21jxKtkXd6JL4mXC5y8CXMcuitdqQdNHstwfZoaHQFG7LU42Gkxb3Y0DiQzfJgL22KOTe76d28n/.../

https://dw.uptodown.com/dwn/IffhcF4H_s70bdwyAR2BgjKGyDY-JALgSSKGZaxYL1-UJL0zkJhX94eVjQppq-0kn6E_QcUaO86fM74aF3P1gRr7bbngEm-gdtppYJxyTgVUGs2tKvcsj2XY3LYQ5Ij8/Gyjcq1FP_kUdndHXadFjx267EU4i4XdJObvpp4G7HaCMB7cBTuIGfuAulTLY7r7O87_p3ia7H2EJ87z2kk2HdA2bFZou-agT_tp6AlCHYcrLO0tTpLZJPMh33L_Ekg75/EoHhP3IJrpo7tMv5OLE6c3jYR0dGKr-zRTlbLdUd29QoUZ_NtxkpMZZAWHiIdvUwcn0lBz0k56ArydX1k-uh41a6i7-GstmtyFOy24x3W7u3jH32sM9sZXjSNkhngySX/.../

https://dw.uptodown.com/dwn/vpPF-_cjhY9HNlfyoXOy6WVovwLTJIWfxw0CPgg-_HZUp6tMLaGjUVVlTxhZu232SBeEtv2mil_P_-Df1GZb53IN9XAfgG6vXuwnRsdVKDwH4uBEqZsSnlBX1q9hIw9u/Y2DFNJeGw07CCwambEAf2PDLsQYMnJFwgxxY-Xusu11X91_OcwuodZp8aC7DyH1Vevf93JNZA2E_X1pOe1Vuk6zOaNYeO5fXVjBYW6nKEN-3SSkxDt0TQFnOkE1-ZnvM/lzJowPNP2WHkLWRguMg2ZT7p0O1LeZzmFPo58K5csZdQtXJhdpUm1EjGTAWMHgE3od8NyYcCgownsxSlSjAr3kCcZXN4A8Yk0KJ6DpCf2nxZkWdjD8cAARqVZmjyAWWz/.../

https://dw.uptodown.com/dwn/0kBTgoIY2aUpd8AW22-N3_M5q0aHClZcUhmz9aXohdjGwZJhYnkf7PvE0p-XnJKGYYLjt_GNdk7WtZ3uUFTwy6plcuBlVqncnq6yR4arCjDWnAXXj6yZOqtd9RC0_4_y/fX9ogA3wduS0uTFZBuuAi-Ye3zu7ybCgxAnw3G2km-XsM9RvrjIUUXxpfXtDfucq5DsZoWA_Lmg37N5_jQPGwy5HORrvKpVdz_bkMxksuKpyyhDucdHgwL7wa_mNHj7F/.../

Latest 30 of 108 download URLs

Remove gomplayerglobalsetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.