home

MPlayerWWService.exe

WindowsServiceMPWW

The executable MPlayerWWService.exe has been detected as malware by 9 anti-virus scanners. It runs as a separate (within the context of its own process) windows Service named “MPlayerWWService”.
Product:
WindowsServiceMPWW

Version:
1.0.0.0

MD5:
5d8a3ce9dcbea9da8d5288154104648b

SHA-1:
78962fba486aa87da03545c8e5f49963532c2a43

SHA-256:
4c273cd0ecfb63bef0ece5775666ffcfe9afcde41f8fc93a23319b7d7b4b909d

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
5/23/2024 10:21:37 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.11495241
902

Bitdefender
Trojan.Generic.11495241
1.0.20.1140

Emsisoft Anti-Malware
Trojan.Generic.11495241
8.14.08.16.02

F-Secure
Trojan.Generic.11495241
11.2014-16-08_7

G Data
Trojan.Generic.11495241
14.8.24

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.6.1.0

MicroWorld eScan
Trojan.Generic.11495241
15.0.0.684

nProtect
Trojan.Generic.11495241
14.08.01.01

Trend Micro House Call
TROJ_GEN.R0CBH09GH14
7.2.228

File size:
11.5 KB (11,776 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
MPlayerWWService.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mplayer\tools\mplayerwwservice.exe

File PE Metadata
Compilation timestamp:
7/9/2014 4:35:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
96:/LBfBWBjJo31P/Slwd0LpDoVoI96qsmfy9jxEsQuapqXl61gRmaaQQo++nh+xDVD:/Rl0LWWp0hpq8Laa6UxDBQ9MR49o

Entry address:
0x42BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
9 KB (9,216 bytes)

Service
Display name:
MPlayerWWService

Description:
MPlayer WW IO Service

Type:
Win32OwnProcess


Remove MPlayerWWService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.