home

player-chrome.exe

System Applet

This adware bundler is distributed through Adknowledge's advertising supported software managers. The application player-chrome.exe, “System Applet ” by System Applet has been detected as adware by 39 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. With this installer, users are expecting to download Google's Chrome web browser but before that occurs they may be presented with additional offers, mostly potentially unwanted software or adware.
Publisher:
System Applet   (signed by System Applet)

Product:
System Applet

Description:
System Applet

Version:
2.4.8.1

MD5:
6370ff62f08415f00b9de810fc042dfc

SHA-1:
4ec8f144b2e060ae352999f03a92ef879d832797

SHA-256:
1095f880c841698ecf4e4a6ee77459649f7809a1ca9216d76ba17c71c18dc68a

Scanner detections:
39 / 68

Status:
Adware

Explanation:
This installer bundles various adware prorgams that may include toolbars and web browser advertising injectors/extensions.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/26/2024 2:38:33 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Symmi.44025
355

Agnitum Outpost
PUA.iBryte
7.1.1

AhnLab V3 Security
PUP/Win32.OptimumInstaller
2014.07.13

Avira AntiVirus
ADWARE/Adware.Gen7
7.11.159.66

avast!
Win32:PUP-gen [PUP]
2014.9-160215

AVG
Adware AdPlugin
2017.0.2833

Baidu Antivirus
Adware.Win32.iBryte
4.0.3.16215

Bitdefender
Gen:Variant.Adware.Symmi.44025
1.0.20.230

Bkav FE
W32.VikesluLTAH.Adware
1.3.0.4959

Clam AntiVirus
Win.Adware.Ibryte-2033
0.98/19431

Comodo Security
TrojWare.Win32.IBryte.AE
18809

Dr.Web
Trojan.DownLoader11.25708
9.0.1.046

Emsisoft Anti-Malware
Gen:Variant.Application.Kazy.427497
8.16.02.15.11

ESET NOD32
Win32/AdWare.iBryte.AW application
10.7.0.302.0

Fortinet FortiGate
Riskware/IBryte
2/15/2016

F-Prot
W32/A-c255719d
v6.4.7.1.166

F-Secure
Application.Bundler.AO
11.2016-15-02_2

G Data
Win32.Adware.IBryte
16.2.24

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.6.1.0

K7 AntiVirus
Unwanted-Program
13.180.12657

Kaspersky
not-a-virus:AdWare.Win32.iBryte
14.0.0.658

Malwarebytes
PUP.Optional.OptimumInstaller.A
v2016.02.15.11

McAfee
Trojan.Artemis!48B17064A988
5600.6489

MicroWorld eScan
Gen:Variant.Adware.Symmi.44025
17.0.0.138

NANO AntiVirus
Riskware.Win32.IBryte.dbjabf
0.28.0.60698

Norman
IBryte.PDB
11.20160215

nProtect
Trojan-Clicker/W32.iBryte.227192
14.08.14.01

Panda Antivirus
Trj/Genetic.gen
16.02.15.11

Qihoo 360 Security
Malware.QVM10.Gen
1.0.0.1015

Quick Heal
Adware.iBryte.DK4
2.16.14.00

Reason Heuristics
PUP.Adknowledge.Bundler (M)
16.2.15.11

Rising Antivirus
PE:Malware.Agent!6.175E
23.00.65.16213

Sophos
iBryte Optimum Installer
4.98

SUPERAntiSpyware
Adware.OptimumInstaller/Variant
9322

Total Defense
Win32/Tnega.XABfAXD
37.0.10836

Trend Micro House Call
TROJ_GEN.F47V0310
7.2.46

Vba32 AntiVirus
Signed-Adware.iBryte
3.12.26.3

VIPRE Antivirus
Threat.4778314
31088

Zillya! Antivirus
Backdoor.PePatch.Win32.38062
2.0.0.1851

File size:
205.4 KB (210,296 bytes)

Product version:
2.4.8.1

Copyright:
Copyright (C) 2013 System Applet

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\users\{user}\downloads\player-chrome.exe

Digital Signature
Signed by:
System Applet

Authority:
COMODO CA Limited

Valid from:
3/23/2014 5:00:00 PM

Valid to:
3/24/2015 4:59:59 PM

Subject:
CN=System Applet, O=System Applet, STREET="4600 Madison Ave, 10th FL", L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
18FCD6B5EEB5AEC66D0222B5CA1850D9

File PE Metadata
Compilation timestamp:
7/13/2014 2:00:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:gVvjTAyj7llvqVA0LQDaChbnOfLwJi9I4ta5VZNp75n0pNV:gVvnBlUVSDOzvtyVZNpB0pNV

Entry address:
0xACC8

Entry point:
E8, 0F, 38, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C...
 
[+]

Entropy:
6.4124

Code size:
137.5 KB (140,800 bytes)

The file player-chrome.exe has been seen being distributed by the following URL.

http://yourinstaller.com/o/.../Player-Chrome.exe

Remove player-chrome.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.