myradioplayerSvc.exe

myradioplayer Service

myradioplayer

This is part of the Sendori web browser toolbar and extension, which modifies the browser's default search provider, DNS, and home page settings. The application myradioplayerSvc.exe by myradioplayer has been detected as adware by 17 anti-malware scanners. It runs as a Windows service in its own separate process, named “myradioplayerV1”.
Publisher:
myradioplayer  (signed and verified)

Product:
myradioplayer Service

Version:
4.0.0

MD5:
66204911d626bac7df9eb3e05963c95d

SHA-1:
4a42e764cc950ed9c576cb503eac2032badccc02

SHA-256:
b9efb2f667701de759f5877596eed1a2b52f8c7b8f0e0108ce31bb7b8554f0a8

Scanner detections:
17 / 68

Status:
Adware

Analysis date:
5/11/2024 10:23:36 AM UTC

Scan engine               Detection                         Engine version
Lavasoft Ad-Aware         Adware.Sendori.E                  806
Avira AntiVirus           TR/Trash.Gen                      7.11.30.172
Bitdefender               Adware.Sendori.E                  1.0.20.1625
Comodo Security           ApplicUnwnt                       18705
Emsisoft Anti-Malware     Adware.Sendori                    8.14.11.21.11
ESET NOD32                Win32/AdWare.Sendori (variant)    8.10015
Fortinet FortiGate        Riskware/Sendori                  11/21/2014
F-Secure                  Adware.Sendori.E                  11.2014-21-11_6
G Data                    Adware.Sendori                    14.11.24
Kaspersky                 Packed.Win32.Krap                 14.0.0.2913
MicroWorld eScan          Adware.Sendori.E                  15.0.0.975
nProtect                  Adware.Sendori.E                  14.06.27.01
Reason Heuristics         PUP.Service.myradioplayer.Q       14.12.18.11
Sophos                    Generic PUA AF                    4.98
SUPERAntiSpyware          Trojan.Agent/Gen-Nullo[Short]     10224
Trend Micro House Call    Suspicious_GEN.F47V0627           7.2.325
VIPRE Antivirus           Threat.4729122                    32210

File size:
115.7 KB (118,520 bytes)

Product version:
4.0.0

Copyright:
© Dynamic Network Services, Inc.

Trademarks:
Dyn (sm)

Original file name:
myradioplayerSvc.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\myradioplayer\myradioplayersvc.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
8/14/2014 8:00:00 PM

Valid to:
8/14/2017 7:59:59 PM

Subject:
CN=myradioplayer, O=myradioplayer, L=San Leandro, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
42911589C907180DE25AE153A05008F6

File PE Metadata
Compilation timestamp:
10/7/2014 6:59:40 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
1536:AsKg8xHRz3+90uyUO7E8KsDbU0WoyC3mykvNVnw5HQm6WHFrn8:As0xHF3+9jsqgURykvHnwXHFA

Entry address:
0x27A7

Entry point:
E8, 32, 3B, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 04, D3, 40, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 48, D1, 40, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 08, 30, 41, 00, 89, 0D, 04, 30, 41, 00, 89, 15, 00, 30, 41, 00, 89, 1D, FC, 2F, 41, 00, 89, 35, F8, 2F, 41, 00, 89, 3D...
 

Entropy:
6.0057

Code size:
47.5 KB (48,640 bytes)

Service
Display name:
myradioplayerV1

Description:
Sets and maintains myradioplayer protection on this computer.

Type:
Win32OwnProcess

Depends on:
WINMGMT


The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ec2-184-72-39-228.us-west-1.compute.amazonaws.com  (184.72.39.228:80)

TCP (HTTP):
Connects to ec2-50-18-178-55.us-west-1.compute.amazonaws.com  (50.18.178.55:80)

TCP (HTTP):
Connects to checkip-ams.dyndns.com  (91.198.22.70:80)

TCP (HTTP):
Connects to checkip.dyndns.com  (216.146.43.70:80)
