home

mediaplayer.exe

The application mediaplayer.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. The file has been seen being downloaded from s.m2pub.com.
MD5:
7e7ea61fb795c29283f8dda456f76f7e

SHA-1:
42fea9c5eefdceda4206e89a68ef2a5d7363d870

SHA-256:
0b4352f11c23eb54166064bf8d263cd6a997583d554c5fac062fa84a67a9ca96

Scanner detections:
4 / 68

Status:
Potentially unwanted

Explanation:
May bundle various unwanted software without adequate user consent.

Analysis date:
4/25/2024 10:56:11 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
NSIS:Downloader-ABU [PUP]
160118-1

AVG
Could be an adware MultiBundle
2015.0.4489

Dr.Web
Adware.Downware.10726
9.0.1.05190

VIPRE Antivirus
Threat.4783689
46732

File size:
1.6 MB (1,688,832 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mediaplayer.exe

File PE Metadata
Compilation timestamp:
2/19/2014 1:11:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:mYmq3HplWsv2Ph1cqWzBvqeVR9Vo1bb8MnaG9kIueboeBT7sAzUrTmksThBfS72j:AZCr1qhFnNk9uoe9zUvsTC78TRmwV

Entry address:
0x4DE9D

Entry point:
75, 08, 8B, F0, FF, 15, EC, A1, 4F, 00, A3, 60, 69, 53, 00, 8B, C6, 5E, 5D, C3, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, D8, 72, 53, 00, FF, 15, F8, A1, 4F, 00, 85, C0, 75, 18, 56, E8, C9, F9, FF, FF, 8B, F0, FF, 15, BC, A1, 4F, 00, 50, E8, CE, F9, FF, FF, 59, 89, 06, 5E, 5D, C3, 55, 8B, EC, 56, 8B, F1, 8B, 4D, 08, C6, 46, 0C, 00, 85, C9, 75, 66, E8, F4, 27, 00, 00, 8B, D0, 89, 56, 08, 8B, 4A, 6C, 89, 0E, 8B, 4A, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 9C, 3A, 53, 00, 74, 11, A1, 64, 3B, 53...
 
[+]

Entropy:
6.9561

Code size:
974.5 KB (997,888 bytes)

The file mediaplayer.exe has been seen being distributed by the following URL.

http://s.m2pub.com/event/click/0/-fkhFvHnocXTDX9qgBxmMuZiZNNs8LDeXbF_HFVaAoc6XXveQLYOGTzCdKW0mh9VhE9fF3VuptZl1dSMxgb0Hks1U1sR9dpMazJnQxlBIisr43O1NfdPXriu4acwo3L9xdG27DHEFBFccVJYR8suLpTv_i_wE9LcILxLx7q3bbXvz7TiEtaTlcrOaTH89yOdRafM02D-32vHmnFi56291vUeXZOrNuheohkDYV9IEW4l-0wokc9_3z178c3ssejCKYeMZ-nTF8mq-E8bT8pOVAwjL2v4qMGo0T6oP-shbeZkK0AzDdT4g1u5sVBzLCOR-04ndBpVhHhn0Nu0hBjm9uM0H9cOEB2YjOhuL8Pli4J6O25yPFz5VlSaYIA5QaHcwgCJmCFzwqWW1Z_8cksR1uk6Y7KQ/.../

Remove mediaplayer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.