home

mediaplayer for windows, mpui.2011-03-27.full-package.exe

MPlayer for Windows (2011-03-27)

Free Software Foundation

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Free Software Foundation

Product:
MPlayer for Windows (2011-03-27)

Description:
MPlayer for Windows (2011-03-27), Full Package

Version:
2011-03-27 (Build #86)

MD5:
aaab0b8e2f55d39f2e9c5a31ff2fbb02

SHA-1:
1a9f1f1a0e2ea603f9ad7bac6ad684ff26311e88

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/16/2024 6:20:50 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.Win32.Generic.12831195!310579605
23.00.65.14514

Trend Micro
PAK_Generic.001
10.465.16

File size:
37.1 MB (38,897,225 bytes)

Product version:
2011-03-27 (Build #86)

Copyright:
© 2000-2010 The MPlayer Project

Original file name:
MPUI.2011-03-27.Full-Package.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
12/5/2009 11:52:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:KgoQ57wbswLT6U9hytoadDxkRax9XSTdYhJjjTUWByCQ5j7IQiPveTUy90:KgT7wbxLOsO9jUSMXItgC

Entry address:
0xADAD0

Entry point:
60, BE, 00, 90, 4A, 00, 8D, BE, 00, 80, F5, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
8.0000

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
20 KB (20,480 bytes)

The file mediaplayer for windows, mpui.2011-03-27.full-package.exe has been seen being distributed by the following 20 URLs.

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1442821338&Signature=ZCvjAgKSV4QIThOOau-~jUOtC0xQi8tiLd7HK0iXiE7IPKNWy4QqmbtNd7HTdOGXMQkv8NXPIceAm8ecTsEyk~Ityqkcstv0OUDcDAvjCXKtKzzh01269Mlmc~p6wUj9YjOxIsMF2kbk0uITxSkKCnKU-m2CotrGd-QUb1TaLmI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_es&type=PROGRAM&Expires=1479904542&Signature=ZliL2kqEDPaWjAoTek7KhvRizCfpmx0THKUzDmglsRB9EiE6YT0Hqttie3NuGNfH0qA--72hXt~Nok72M17XKlcP6oxf2suutYr7PyBWJeUgZy-D1BF~zlSoxYDqE~cYHyh1pNdp0~QwNA7wh37htlYJcbsFbHilm-58pLSUaFA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1452297422&Signature=GQTnoLPvgFLUmCVdtJ1ZZYwoBzBV--0wjVc1zGY9KYivcdGDZOZoQtuhJJqQRmJoTO29AFOvpw7Djk4X3xeI2a~ZSaz-5OHcSwKVOSMr3NFEsB5RZv0u001rAfmsFSmiCZ87fHNyWg7nO~MKKP6Ict-LUX9en1LCkUwSdcrwQKo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1431679897&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=R5kH4qaV4TzJnTESUgMsaEB0ndR03Dk~rfJ9evwVG2X9sGpinT29Ma9FyQq-lQ-8Mu61RwAS-2Hx4jPZZpEYcP6Y89G0Tvq8zH6qPEHgZyCumuluPFr5kcMzBcpBROfyMM4G0lLVhHuXmSfFc05hpT~i4aREX--AyaVr3eYc-yo_&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1464811270&Signature=AG7XSw81zky4~SxJpGeba-wcKdIPSeuTzuF8EVEXCBBu6jCOb4AWxF7zZX4x0wzdbVU9~0YvNa6EkIyjLbwLDZnfaPFd9MSwF3m2uAHUG7nnCWz3bucUB9yMV~DEmYHbaEd4Eb1gbYL79~BXgRh-F3DPox4ymAYhd4XPO4TJMa8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1461804905&Signature=QA0CgVojv2QuiwsBw6jpedCS0IWcHhQlxu~gaLUmxzSXEUWEW3DushkI71QbO7~aA2DlJOP6TTg0pZd~75ZH7bPxualLJpUbryTbN4s83F2XLjD7HeJ56wNHuSxKa2nAVcFUXCzaRNbs03pCO3G~TXfDew29fMx4O2jXsDsF2bk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_es&type=PROGRAM&Expires=1445125732&Signature=BKvtBgIsnUQ2m8BTH2nXYhJfj7N3JmWhAyCJL~dPSyQ5VfwU55CnhnRNjBj0GLbGwJmUuKobHNIz4tvtdJKPhsTTalzprowF~pJ8-nsK28fR6XxRWZQkfFs5hqEnS3SkqxNax5FBZSTHNZRP0w6ZXGE9HPlvfjlK~vPw2UnBqrg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1455612187&Signature=MY-U5WTW3Py4ZfPsZLNXghfC~rx50ItKwxuhCFZ1HDp2FRf025PGjsQPSs7AW7P9DSWE1hNHM8NhZOQBiexwHuAfSG16ST9WAiCBkp3So1Inqy6Rao63IfyVeSbDE1Dey4rDJTb5Y75K9Dc5R95-BTZJ1pWQuc68SNL6JwbVuDI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_es&type=PROGRAM&Expires=1454409069&Signature=acoPztG8GCebye7IrU5IRjRvUlYJz2qWbbje~SLlUk4Fh7WLWIKZ92upMhAI1oWWbNpBgUvhuhBrXOO--VEF8PSWMfLfq902ymPifhlibaZ9g970BFFzv2hVmeWMsyxRIdAJo3GdWm8OwxQHUlNKfMXNOALJOk46gK2U8IxD5Sc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1465199175&Signature=GhTKcaoD1dt7bKPiKPUFeOb4XttuKA6bmE-gZdZVqTzqY~Oa1A~MGTYqzUZawMaEOYyVAU0ypRDigmVG5mvBBFWHdVh9XBNLD1jEsp4~hGVLMUdlh1QHhsSvSFI37SRcakwHwtmL25pYjcPndU3tN-hb7HhUPKPY6mN7FWBqJq8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1464588586&Signature=A-CeCpR8ZYtyqY17O1TD6rDYhpcoAjuQ1IuJETsRS0vihLY7DcZEQsmVIW6J6zSmBlVhqs0r0-5RBAMnMxFTUfN0Rv5hUBnhMDgxDJ6u2uSB417E77oaHObSLbTzSauKb0E7W0Q~OLsI4yYBWz-5nyN~tdDMgZdqnDU-J5TeLsM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1462868841&Signature=Q5h1QJ7D2vg0t8UzqAbcV6WDXXLAz30BQAUmXXPzFeYodq5CBycrshGDtFZAse2BzWriPHmwTg9RCkcj84wMkDaeNAYHVoO3ep6n6F03NlM30tEFC0NiSbDTJfVIUbIhk2S7P3QMB8IZ2gox8FAqIkOfz0ZbwF~pf7~zXlmZ5uQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_es&type=PROGRAM&Expires=1446273495&Signature=XzkwoVhTemYnaxth~E~Kc5Sv85ZonIP8~wBRDhpKn7qhMPD409PAhM3fW7bRHXbINaF2rKBrqFgbSSFmwiaUlC0YaZd~XoHD8PdXXn2jxtw3Ojo92fsIsyEpvKFaSqWwXwrWBlXjZ3suJtPAjoW6ATIojYQqunp0AiRY~dE~Dkg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1461721466&Signature=EwTBrvOPglNY9Nyfpz4f4-7GSDZn6TcmGz-wX-YzqFrP1rBqUobjsbEpIbHshlU9FmK3mwHaB0BSMqdanGcgkfg2ZSPZYbJL4beIo2Elm3RNl3J3zPfeBKR8G9y7LMGoqVc9XamE8hOKSJp9XS6FzWsfFwkULdHOZ7m9NsrIuHg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1459053285&Signature=ColEhJ32xhJNmPgv9gOxl-K8ypEYVLfqvJEcafxneuIFVEIDXvvqO8ag5IJL3mbpd80W6eEhm-J3mwrgC-PYYnCOjaDSHXPKO3O0ks1St9lmfjJiZv5Uak9D63Bqn~E1SEnwc5ml5HUGBhzb26L5U4qa087P2DjC813nZ2TgOZ4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1452935533&Signature=GC1G08lkSuNZ~G~U9byQRuS95agegNsOCQiXT54QtqdS3RIIDK38ohvY95CVaujYP998eeAiDB7O~olUOhwBqF89~~ARhHeJg1mfaYPdoouYyy0gGGggDUrCsgrRopqDahmSvQuLS6ixSXXxVOJLL1kWNxc~TZuqDa5-IgbGhak_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1451725279&Signature=YXDHBoEA6FHoNIcE0ew6gHK6SF4n0Qh~9jRmg2bftYqyVCGJouMF0inSbPeaNuAxQblGVbkvyuhE~SQ7Jbo8moRGRxVOCcWZ9GzKbfZBEd3u5pR00Yn0SR-ZnCbYD0cAp3akWLFl05lX3isXk-gvH2as3TS1FyW52DXjZIiLuj0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_it&type=PROGRAM&Expires=1454287640&Signature=hgCjsf9~IABKe3OyJj3a9ScGs-tLZYHIkslF1tljhRMNBUiArTvj-zgQhPhlb5zHNtyJ1E7DUEplFyOAhD2jvvKiHWF8nprF5RY8Y~JzsvxUVnFNcV9hqytessYcIJK9YuEfGmso4e-mYSBNEYKfBF9a6wrfUKjWy-mhoWimKL4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MPUI.2011-03-27.Full-Package.exe

http://gsf-cf.softonic.com/1a9/f1f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40406&instance=softonic_es&type=PROGRAM&Expires=1434070808&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=C090QY1nDG46tSmcReDTyfKyNgN6C7Df94Qp~eHDkgFsNjpL7uzmRAHn9QYbYqlqZYnCywBYccMqt2P-rMA5UYFqqJQ8yCFOYpKI3BKV6~BAf40NJSftQgrxEAsJMOvvj2TYalG4JTd50wqEvyfFD9V89supUHcUMAePOPMYdzU_&filename=MPUI.2011-03-27.Full-Package.exe

http://mulder.googlecode.com/.../MPUI.2011-03-27.Full-Package.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.