home

player-chrome.exe

The application player-chrome.exe has been detected as a potentially unwanted program by 45 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from install.oinstaller9.com and multiple other hosts.
MD5:
1937480de4d5879d68b66af3fc0b2d4b

SHA-1:
af1f7c089261a2d65b7701b2e08774ce82ab6494

SHA-256:
b8e4f311129ed759a71f7a2c335faf343375e23be303f82c8a744d9a24f24cb2

Scanner detections:
45 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 2:09:27 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.OptimumInstaller.1
870

Agnitum Outpost
PUA.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.OptimumInstaller
2014.05.22

Avira AntiVirus
ADWARE/Adware.Gen7
7.11.147.26

avast!
Win32:IBryte-DA [PUP]
2014.9-140917

AVG
Adware AdPlugin
2015.0.3348

Bitdefender
Gen:Variant.Application.Bundler.OptimumInstaller.1
1.0.20.1300

Clam AntiVirus
Win.Trojan.Agent-724568
0.98/19283

Comodo Security
Application.Win32.iBryte.WRP
18286

Dr.Web
Trojan.Packed.26508
9.0.1.0260

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.OptimumInstaller
8.14.09.17.11

ESET NOD32
Win32/AdWare.iBryte.AM application
8.7.0.302.0

F-Prot
W32/DomaIQ.G2.gen
v6.4.7.1.166

F-Secure
Gen:Variant.Application.Bundler
11.2014-17-09_4

G Data
Win32.Adware.Ibryte
14.9.24

IKARUS anti.virus
AdWare.iBryte
t3scan.1.6.1.0

K7 AntiVirus
Unwanted-Program
13.177.12013

Kaspersky
Trojan.Win32.Badur
14.0.0.3235

Malwarebytes
PUP.Optional.OptimumInstaller.A
v2014.09.17.11

McAfee
GenericATG-FGI!02EC0BDF7C3C
5600.7004

MicroWorld eScan
Gen:Variant.Application.Bundler.OptimumInstaller.1
15.0.0.780

NANO AntiVirus
Trojan.Win32.Agent.cxjjsz
0.28.0.59608

Norman
Downloader
11.20140918

nProtect
Trojan-Clicker/W32.iBryte.250664
14.07.06.01

Panda Antivirus
Trj/Genetic.gen
14.09.17.11

Qihoo 360 Security
Malware.QVM10.Gen
1.0.0.1015

Quick Heal
Adware.iBryte.DK4
9.14.14.00

Reason Heuristics
Threat.Win.Reputation.IMP
14.9.17.23

Rising Antivirus
PE:Malware.iBryte!6.192B
23.00.65.14915

Sophos
iBryte Optimum Installer
4.98

SUPERAntiSpyware
PUP.OptimumInstaller/Variant
10353

Vba32 AntiVirus
AdWare.iBryte
3.12.26.0

VIPRE Antivirus
Threat.4778314
29418

Zillya! Antivirus
Adware.iBryte.Win32.854
2.0.0.1790

File size:
217.6 KB (222,799 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\player-chrome.exe

File PE Metadata
Compilation timestamp:
5/4/2014 5:00:17 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:bozN5v+Er3b0T3VTkD0FwtEqh67WRmRjQVuQiJiv4zhY35toI:czN5W+3oT31kQWVpRIjQVJoI

Entry address:
0xE7F2

Entry point:
E8, 85, 65, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 80, C2, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 3C, C0, 42, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63...
 
[+]

Entropy:
6.3920

Code size:
171.5 KB (175,616 bytes)

The file player-chrome.exe has been seen being distributed by the following 2 URLs.

https://install.oinstaller9.com/o/.../Player-Chrome.exe

http://yourinstaller.com/o/.../Player-Chrome.exe

Remove player-chrome.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.