» player-chrome.exe
Overview
Analysis
File Details

player-chrome.exe

File Monarch

This is published and distributed via an Adknowledge's advertising supported (adware) software installer. The application player-chrome.exe, “System Applet ” by File Monarch has been detected as adware by 39 anti-malware scanners.

File name:

player-chrome.exe

Publisher:

System Applet (signed by File Monarch)

Product:

System Applet

Description:

System Applet

Version:

2.4.8.1

MD5:

2612fb9cb76bf39c5ffff0a560eae913

SHA-1:

e5e7c95dc345505abf6ae5a1846d49816d175204

SHA-256:

4cb0bab3100511c453782e17651fa2778eecbae564360a1f6d7c44995acb9281

Scanner detections:

39 / 68

Status:

Adware

Explanation:

This installer bundles various adware prorgams that may include toolbars and web browser advertising injectors/extensions.

Analysis date:

4/26/2024 12:39:17 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.IBryte.AD

868

Agnitum Outpost

PUA.iBryte

7.1.1

AhnLab V3 Security

PUP/Win32.OptimumInstaller

2014.06.24

Avira AntiVirus

Adware/iBryte.bxmz

7.11.165.150

avast!

Win32:PUP-gen [PUP]

140908-2

AVG

Adware AdPlugin.YY

2014.0.4015

Bitdefender

Adware.IBryte.AD

1.0.20.1310

Bkav FE

W32.VikesluLTAH.Adware

1.3.0.4959

Clam AntiVirus

Win.Adware.Ibryte-2382

0.98/19406

Comodo Security

Application.Win32.AgentCV.HWYE

19108

Dr.Web

Trojan.DownLoader11.26958

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Adware.iBryte

14.09.19

ESET NOD32

Win32/AdWare.iBryte.BB application

7.0.302.0

Fortinet FortiGate

W32/Zbot.AAN!tr

9/19/2014

F-Prot

W32/DomaIQ.G2.gen

v6.4.7.1.166

F-Secure

Adware.IBryte.AD

11.2014-19-09_6

G Data

Adware.IBryte.AD

14.9.24

herdProtect (fuzzy)

variant of firefox%20setup%20stub%2026_0_exe&exename=firefoxinstaller_exe&switches=%2fs&title=firefox&descripti (Adware)

2014.11.30.16

IKARUS anti.virus

PUA.PremiumInstaller

t3scan.1.6.1.0

K7 AntiVirus

Unwanted-Program

13.181.12846

Kaspersky

not-a-virus:AdWare.Win32.iBryte

15.0.0.494

Malwarebytes

PUP.Optional.OptimumInstaller

v2014.09.19.09

McAfee

Trojan.Artemis!D06D84983289

5600.7002

MicroWorld eScan

Adware.IBryte.AD

15.0.0.786

NANO AntiVirus

Trojan.Win32.Buzus.cywlqp

0.28.0.60475

Norman

IBryte.PDB

11.20140919

nProtect

Adware.IBryte.AD

14.08.06.01

Panda Antivirus

Trj/Genetic.gen

14.09.19.09

Qihoo 360 Security

Malware.Radar03.Gen

1.0.0.1015

Quick Heal

Adware.iBryte.DK4

9.14.14.00

Reason Heuristics

PUP.FileMonarch.N

14.9.19.22

Rising Antivirus

PE:Malware.iBryte!6.197B

23.00.65.14917

Sophos

iBryte Optimum Installer

4.98

SUPERAntiSpyware

Adware.OptimumInstaller/Variant

10349

Total Defense

Win32/Tnega.XABfAXD

37.0.10836

Trend Micro House Call

Suspicious_GEN.F47V0717

7.2.262

Vba32 AntiVirus

AdWare.iBryte

3.12.26.3

VIPRE Antivirus

Threat.4778314

31208

Zillya! Antivirus

Adware.iBryte.Win32.923

2.0.0.1835

File size:

163.4 KB (167,288 bytes)

Product version:

2.4.8.1

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\player-chrome.exe

Digital Signature

Signed by:

File Monarch

Authority:

COMODO CA Limited

Valid from:

3/17/2014 8:00:00 PM

Valid to:

3/18/2015 7:59:59 PM

Subject:

CN=File Monarch, O=File Monarch, STREET="4600 Madison Ave., FL 10", L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E65C750985B066CBB7B485ACF86E58B1

File PE Metadata

Compilation timestamp:

8/8/2014 9:53:42 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:KVxcumlur6TjTPY8tdO/9wHRihnWW8LalY4o8ddqKtBWYM4AuZg2UxQhpkIMT4U:KMvlurEDbO/y6WxKt4YM/ZxQjktcU

Entry address:

0x6100

Entry point:

E8, 43, 05, 00, 00, E9, 36, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 08, A2, 40, 00, 89, 0D, 04, A2, 40, 00, 89, 15, 00, A2, 40, 00, 89, 1D, FC, A1, 40, 00, 89, 35, F8, A1, 40, 00, 89, 3D, F4, A1, 40, 00, 66, 8C, 15, 20, A2, 40, 00, 66, 8C, 0D, 14, A2, 40, 00, 66, 8C, 1D, F0, A1, 40, 00, 66, 8C, 05, EC, A1, 40, 00, 66, 8C, 25, E8, A1, 40, 00, 66, 8C, 2D, E4, A1, 40, 00, 9C, 8F, 05, 18, A2, 40, 00, 8B, 45, 00, A3, 0C, A2, 40, 00, 8B, 45, 04, A3, 10, A2, 40, 00, 8D, 45, 08, A3, 1C, A2, 40... 
[+]

Entropy:

4.3278

Code size:

24 KB (24,576 bytes)

Remove player-chrome.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.