home

last.fm-2.1.36.exe

Last.fm Scrobbler

Last.fm

The application last.fm-2.1.36.exe, “Last.fm Installer ” has been detected as a potentially unwanted program by 2 anti-malware scanners. The program is a setup application that uses the Inno Setup installer, however the file is not signed with an authenticode signature from a trusted source. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from cdn.last.fm and multiple other hosts.
Publisher:
Last.fm

Product:
Last.fm Scrobbler

Description:
Last.fm Installer

Version:
2.1.36

MD5:
0e11922aa42311cd9b6bec0db101b620

SHA-1:
e712a657c9a265b98a821c1b43e0bd3a5fdce801

SHA-256:
a9a4b73d33cdea47a5427f3cda550fdfc368a182064e091d0566efa0fe4a50fb

Scanner detections:
2 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/26/2024 2:46:39 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/InstallCore.Gen7
7.11.205.2

ESET NOD32
Detection.Undefined
7.0.302.0

File size:
624.2 KB (639,146 bytes)

Product version:
2.1.36

Copyright:
Copyright 2012 Last.fm Ltd. ©

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\last.fm-2.1.36.exe

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:O20tCtfUGX45v2+mvWSdcVHTix2QnDG38qBbNlQcGFfmrQLQwmkhzmhT3QXeK:O204UGX6AclixjnDGMT/9lNmkhzO2

Entry address:
0x9B60

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 66, 95, FF, FF, E8, 6D, A7, FF, FF, E8, 98, C9, FF, FF, E8, DF, C9, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 17, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, E0, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, C8, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 17, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9326

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file last.fm-2.1.36.exe has been seen being distributed by the following 2 URLs.

http://cdn.last.fm/client/.../Last.fm-2.1.36.exe

http://www.last.fm/.../windows

Remove last.fm-2.1.36.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.