home

OnAir Player.exe

OnAir Player

OnAir Player Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘OnAir Player’.
Publisher:
OnAir Player Inc.  (signed and verified)

Product:
OnAir Player

Description:
OnAir Player 1.2.911 © OnAir Player Inc., 2013

Version:
1.2.911

MD5:
4c3815f84d58a54e4226b33f98079486

SHA-1:
0a6dfd8e4efb6c310a1acc7628c7f385529cc362

SHA-256:
fd9655d334ae747ae593694a33ddf46fe87f3298f8d9991afd7be8afc4947aa7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 11:50:26 AM UTC  (today)

File size:
564.9 KB (578,432 bytes)

Product version:
1.2.911

Copyright:
Copyright (C) 2014 OnAir Player Inc.

Original file name:
OnAir Player.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\onair player\onair player.exe

Digital Signature
Signed by:
OnAir Player Inc.

Authority:
DigiCert Inc

Valid from:
11/13/2013 4:00:00 PM

Valid to:
3/19/2015 5:00:00 AM

Subject:
CN=OnAir Player Inc., O=OnAir Player Inc., L=San Francisco, S=California, C=US

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0C7C0D20609657D4FB3B1B13F28FC963

File PE Metadata
Compilation timestamp:
5/28/2014 1:37:47 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:8J+VQUSql8MGkn93zcLf5YR7o8ZtkGBVPj4wn1AbcTNK+US6nNFTEKKI/vG:viql80nGfyxo8HJDK06nNFOuG

Entry address:
0xC388

Entry point:
48, 83, EC, 28, E8, 4B, 62, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 68, 18, 48, 89, 70, 20, 48, 89, 50, 10, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 83, EC, 40, 4D, 8B, 79, 08, 4D, 8B, 21, 49, 8B, 71, 38, 4D, 2B, E7, F6, 41, 04, 66, 4D, 8B, F1, 48, 8B, EA, 4C, 8B, E9, 0F, 85, DC, 00, 00, 00, 33, FF, 48, 89, 48, C8, 4C, 89, 40, D0, 39, 3E, 0F, 86, 2B, 01, 00, 00, 48, 8D, 5E, 0C, 8B, 43, F8, 4C, 3B, E0, 0F, 82, A7, 00, 00, 00, 8B, 43, FC, 4C, 3B, E0, 0F, 83, 9B...
 
[+]

Entropy:
6.2884

Code size:
163 KB (166,912 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
OnAir Player

Command:
C:\Program Files\onair player\onair player.exe -noui


Scan OnAir Player.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.