player-chrome.exe

The executable player-chrome.exe has been detected as malware by 4 anti-virus scanners. The program is a setup application that uses the Adknowledge Fusion installer; however, the file is not signed with an Authenticode signature from a trusted source. Users running this installer expect to download Google's Chrome web browser, but before that happens they may be presented with additional offers, mostly potentially unwanted software or adware.
MD5:
1083fbd8be959ce14b50fb0c7e20e871

SHA-1:
9b267e6daf68b3cd05868d98a311b54076e0b71a

SHA-256:
5bb6dd405ec5de948b2f14eefdc4a03401dffcfa1addf91d0bc03b1c867132d0

Scanner detections:
4 / 68

Status:
Malware

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/20/2024 12:02:32 AM UTC

Scan engine          Detection                        Engine version
Avira AntiVirus      TR/Trash.Gen                     7.11.30.172
Reason Heuristics    Threat.Win.Reputation            15.4.24.19
SUPERAntiSpyware     Trojan.Agent/Gen-Nullo[Short]    10279

File size:
310.8 KB (318,240 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Common path:
C:\users\{user}\downloads\player-chrome.exe

File PE Metadata
Compilation timestamp:
7/21/2014 4:00:14 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:rvPXC/16IuFYCebiiv5eefEofRCf+WCNUrx0Tcapttt:TARLjeecIgfKox0Pptf

Entry address:
0x16F65

Entry point:
E8, C2, 8D, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 24, C4, 43, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 84, C0, 43, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63...
 

Entropy:
6.3885

Code size:
233.5 KB (239,104 bytes)
