player-chrome.exe

The application player-chrome.exe has been detected as a potentially unwanted program by 14 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer; however, the file is not signed with an Authenticode signature from a trusted source. This particular feature is designed to hijack the browser in an attempt to prevent other resources from modifying the browser's search and home pages. With this installer, users expect to download Google's Chrome web browser, but before that occurs they may be presented with additional offers, mostly potentially unwanted software or adware.
MD5:
25d795088b77f21042594b065cc860dd

SHA-1:
dbc1d0d76e1083482c986beac3fe37189ed82de7

SHA-256:
088eca7eee9cd5920ab7d5b81aea1911f12d94a43f7cb87b83acfd9e645c7626

Scanner detections:
14 / 68

Status:
Potentially unwanted

Description:
This is also known as bundleware, or downloadware, which is a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/19/2024 12:34:24 PM UTC

Scan engine           Detection                       Engine version
Agnitum Outpost       PUA.iBryte                      7.1.1
Avira AntiVirus       ADWARE/iBryte.bxlz              8.3.1.6
avast!                Win32:IBryte-DY [PUP]           2014.9-150728
AVG                   Adware AdPlugin                 2016.0.3001
Dr.Web                Adware.Downware.6099            9.0.1.0242
herdProtect (fuzzy)                                   2015.8.30.21
IKARUS anti.virus     PUA.SearchProtect               t3scan.1.9.5.0
K7 AntiVirus          Unwanted-Program                13.181.12834
Malwarebytes                                          v2015.08.30.09
NANO AntiVirus        Trojan.Win32.Downware.dckzxf    0.28.2.60990
SUPERAntiSpyware      PUP.OptimumInstaller/Variant    9659
Total Defense         Win32/iBryte.QODbcf             37.1.62.1
VIPRE Antivirus       Threat.4778314                  31208

File size:
315.9 KB (323,448 bytes)

File type:
Executable application (Win16 EXE)

Bundler/Installer:
Adknowledge Fusion

Common path:
C:\users\{user}\downloads\player-chrome.exe

File PE Metadata
Compilation timestamp:
7/18/2014 5:28:32 PM

OS version:
5.0

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:1riNkJdFZiYiBZNENLrgo2SLhp+bTVU4al63opwZ:1XL6NENLrtvh2gpwZ

Entry address:
0x181F5

Entry point:
E8, C2, 8D, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 24, D4, 43, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 84, D0, 43, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63...
 

Entropy:
6.3888

Code size:
238 KB (243,712 bytes)
