home

OnAir Player.exe

OnAir Player

OnAir Player Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘OnAir Player’.
Publisher:
OnAir Player Inc.  (signed and verified)

Product:
OnAir Player

Description:
OnAir Player 1.3.014 © OnAir Player Inc., 2013

Version:
1.3.014

MD5:
ce8c82b8032862f7fb721ebcd45954a7

SHA-1:
af9b45abc72c962c57e44b4210875a2fd1aeb534

SHA-256:
e0e7f3990ec6fee7fc6f149a1a32419f0eebac1ad233759b7bb954ac8d7d58a9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 2:23:13 AM UTC  (today)

File size:
564.9 KB (578,432 bytes)

Product version:
1.3.014

Copyright:
Copyright (C) 2015 OnAir Player Inc.

Original file name:
OnAir Player.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\onair player\onair player.exe

Digital Signature
Signed by:
OnAir Player Inc.

Authority:
DigiCert Inc

Valid from:
11/14/2013 1:00:00 AM

Valid to:
3/19/2015 1:00:00 PM

Subject:
CN=OnAir Player Inc., O=OnAir Player Inc., L=San Francisco, S=California, C=US

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0C7C0D20609657D4FB3B1B13F28FC963

File PE Metadata
Compilation timestamp:
5/28/2014 10:37:47 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:tJ+VQUSql8MGkn93zcLf5YR7o8ZtkGBVPj4wn1AbcTNK+US6nNFTEKKI/z8:+iql80nGfyxo8HJDK06nNFOC8

Entry address:
0xC388

Entry point:
48, 83, EC, 28, E8, 4B, 62, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 68, 18, 48, 89, 70, 20, 48, 89, 50, 10, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 83, EC, 40, 4D, 8B, 79, 08, 4D, 8B, 21, 49, 8B, 71, 38, 4D, 2B, E7, F6, 41, 04, 66, 4D, 8B, F1, 48, 8B, EA, 4C, 8B, E9, 0F, 85, DC, 00, 00, 00, 33, FF, 48, 89, 48, C8, 4C, 89, 40, D0, 39, 3E, 0F, 86, 2B, 01, 00, 00, 48, 8D, 5E, 0C, 8B, 43, F8, 4C, 3B, E0, 0F, 82, A7, 00, 00, 00, 8B, 43, FC, 4C, 3B, E0, 0F, 83, 9B...
 
[+]

Code size:
163 KB (166,912 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
OnAir Player

Command:
C:\Program Files\onair player\onair player.exe -noui


Scan OnAir Player.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.