home

installer.exe

ExpressPlayer Installer

http://express-player.com

This is a self-extracting archive and installer. The file has been seen being downloaded from express-player.com.
Publisher:
http://express-player.com

Product:
ExpressPlayer Installer

Description:
Expess Player Installer

Version:
1, 0, 471, 1

MD5:
2c0c430274c88854bde64afb9f50480c

SHA-1:
485d58c6c45f8961cdde6158f714867bf0be81fa

SHA-256:
183eafa04c3e08e854d3a58e67a799e4dc51c49dc670280dd397094c2e85863e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/19/2024 6:42:27 AM UTC  (today)

File size:
3 MB (3,180,176 bytes)

Product version:
1.0.0.1

Copyright:
Copyright http://express-player.com (C) 2014

Original file name:
ExpressPlayer.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\downloads\installer.exe

File PE Metadata
Compilation timestamp:
12/29/2014 11:21:53 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:7xES3n/bMDzR3jDFwDthBdyI8UN4/OLYDLAMvMqAMZdyhEYjHHhYn:+4/QDrktl8UN4VAMCf9rh8

Entry address:
0x4F6000

Entry point:
60, 70, 01, 48, 53, EB, 06, C6, C3, 23, 0F, BF, F2, 69, D2, B1, 21, E5, 0D, 09, F7, 0C, E1, 85, FD, F2, FF, CD, 0F, AF, CA, F3, E8, 00, 00, 00, 00, C7, C3, 20, 1C, DF, 2F, F7, C1, E2, AD, 29, 68, 76, 03, C6, C1, CF, EB, 04, B2, F2, 8A, DE, F2, 85, E9, F3, 0F, AF, F3, 1A, F9, F3, 87, F6, 8D, 32, 8B, DE, 11, F6, 8D, 0B, 0F, B7, F3, FF, CE, 4E, F3, 2B, D2, EB, 05, 87, DB, 4B, 88, CF, 0F, C1, CA, 0F, B7, F2, F2, EB, 0F, 81, DE, B6, 47, 2A, CD, C6, C5, B7, C7, C6, 27, E4, 72, 8E, 52, 8D, 1D, 60, C8, 19, FC, 69...
 
[+]

Entropy:
7.9096  (probably packed)

Code size:
790.5 KB (809,472 bytes)

The file installer.exe has been seen being distributed by the following URL.

http://express-player.com/installer.exe

Scan installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.