» kmplayer_3.4.0.59.exe
Overview
Analysis
File Details
Programs (1)
Downloads (22)

kmplayer_3.4.0.59.exe

KMP Media co., Ltd

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is installed with the program The KMPlayer (remove only). The file has been seen being downloaded from fs31.filehippo.com and multiple other hosts.

File name:

Publisher:

KMP Media co., Ltd (signed and verified)

MD5:

709ea69ec5889e0eca73acc18f56275d

SHA-1:

390d3410e6b0b18e80eaaaf56195dfa9b07b93af

SHA-256:

075520de6d1ebc1c3d96f0c911281d96ca305394f9311337ebb6049b0562f1ff

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/29/2024 5:50:49 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Bundled.Toolbar.Ask (variant)

8.9301

Rising Antivirus

NS:Malware.Install!1.9F21

23.00.65.14101

File size:

24.3 MB (25,499,208 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\kmplayer_3.4.0.59.exe

Digital Signature

Signed by:

KMP Media co., Ltd

Authority:

Thawte, Inc.

Valid from:

9/8/2012 3:00:00 AM

Valid to:

10/9/2014 2:59:59 AM

Subject:

CN="KMP Media co., Ltd", O="KMP Media co., Ltd", L=Seongnam-si, S=Gyeonggi-do, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

66502206A0488141A898E4B41EE1FD92

File PE Metadata

Compilation timestamp:

12/6/2009 1:50:46 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

786432:Fx5jZjw88vGL3Wgq8YU+AkBdN6jeHv9bj:Pjwt99Xk29bj

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Entropy:

7.9999

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

The file kmplayer_3.4.0.59.exe has been discovered within the following programs.

The KMPlayer (remove only) by KMP Media co., Ltd

K-Multimedia Player (commonly known as The KMPlayer, KMPlayer or KMP) is a media player for Windows which can play a large number of formats including VCD, DVD, AVI, MKV, Ogg, OGM, 3GP, MPEG-1/2/4, WMV, RealMedia, FLV and QuickTime.

www.kmpmedia.net

22% remove it

The file kmplayer_3.4.0.59.exe has been seen being distributed by the following 22 URLs.

http://fs31.filehippo.com/9695/.../KMPlayer_3.4.0.59.exe

http://dox.abv.bg/.../DownloadFile?eid=96425582&sha=0&m=

http://software.naturalbd.com:81/KMPlayer_3.4.0.59.exe

http://dl9.hamirayane.com/Download/DL4j1Lmv1r7QL73ruD10D58uhQuaepC5eXbE22/KMPlayer/.../KMPlayer_3.4.0.59.exe

http://windows.indir.com/kaydet.php?x=TmpZeE1FQkFRRWhoVTBCT09EY3p8fHxlZTA3OTQzMjU3MzBiYjM1MTY3YWQ3MDFkMDU3MzRkNw==&m=1

ftp://tvs.naturalbd.com/disk2/.../KMPlayer_3.4.0.59.exe

http://dl.cdn.chip.de/downloads/.../KMPlayer_3.4.0.59.exe

http://download1046.mediafire.com/5gbmn943u6lg/.../KMPlayer_3.4.0.59.exe

http://store.kaldata.com/.../KMPlayer 3.4.0.59 Final (kaldata.com).exe

temp:KMPlayer.exe

https://doc-0g-8o-docs.googleusercontent.com/docs/securesc/ab8rm6dvs6uegh8lnoqdemachh5qdnhr/paq5bfst5roft7fb4d2da3b04fsbfo2i/1478620800000/.../04092555893176155092/0B4pkPSsgCsG0ZlE1R25ZdWR3anc?h=13560922363486130757&e=download

http://www.24uploads.com/files/0/.../Download KMPlayer 3.4.0.59.exe

http://media.pipexbd.com/.../KMPlayer_3.4.0.59.exe

http://dl2.hamirayane.com/Download/DL106R65lx43xOrrImh9AdEmu6NaogQE77G969/KMPlayer/.../KMPlayer_3.4.0.59.exe

http://dl2.hamirayane.com/Download/DL1A3w64C1lYzpxKv7tMk32uCQ2u1iotB6Ek10/KMPlayer/.../KMPlayer_3.4.0.59.exe

http://www.izone.ru/.../go.php?action=download&id=4114&key=9591114

temp:KMPlayer_3.4.0.59.exe

http://fs31.filehippo.com/4113/.../KMPlayer_3.4.0.59.exe

http://www.m-learning.ru.ac.th/.../KMPlayer_3.4.0.59.exe

http://www.filehippo.com/download/file/.../

http://www.videohelp.com/.../KMPlayer_3.4.0.59_00_20121108085356.exe

http://cdn.kmplayer.com/KMP/player/download/.../KMPlayer_3.4.0.59_00_20121108085356.exe

Scan kmplayer_3.4.0.59.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.