hd_player__cd5mtcd13345_89bdb0c6c6745604784c758a4e61a42a.exe

Vlc Player

DOWNLOADIOUS

The application hd_player__cd5mtcd13345_89bdb0c6c6745604784c758a4e61a42a.exe by DOWNLOADIOUS has been detected as adware by 2 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.wowhdwow.com and multiple other hosts.
Publisher:
Downloadius (signed by DOWNLOADIOUS)

Product:
Vlc Player

Description:
vlcplayer

Version:
6.1.0.0

MD5:
aecf3771e4012de0aed5a450bf10043f

SHA-1:
0dc687be92ccf6def88e1d0b41751ceedce1f16f

SHA-256:
0f8e17510514fae99d12a21a38d53ca584647e2e6afea1c930f9a7ec301a64ac

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
5/25/2020 11:15:16 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win32/Toolbar.Montiera | 8.10325
Reason Heuristics | PUP.DOWNLOADIOUS.y | 15.1.4.13

File size:
553.2 KB (566,504 bytes)

Product version:
2.0

Copyright:
Downloadius

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\livingroom\hd_player__cd5mtcd13345_89bdb0c6c6745604784c758a4e61a42a.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/1/2014 7:00:00 PM

Valid to:
4/16/2015 6:59:59 PM

Subject:
CN=DOWNLOADIOUS, O=DOWNLOADIOUS, L=TEL AVIV, S=ISRAEL, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
67AAAF219EFE0304E095EA03F4AB7E9B

File PE Metadata
Compilation timestamp:
12/5/2009 4:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:rE5tap+6EBr/+Zvwc4Ht+pY9nWW6NPBSBdZchgB9goPis/LnaYy:A5tap+6EBwwcfpYcPBSB/igB2WLn/y

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
7.9734

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file hd_player__cd5mtcd13345_89bdb0c6c6745604784c758a4e61a42a.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 126 download URLs