player_setup.exe

The application player_setup.exe has been detected as a potentially unwanted program by 8 anti-malware scanners. This is a self-extracting archive and installer; however, the file is not signed with an Authenticode signature from a trusted source.
MD5:
434f7d8ab523f5fd9d5f13178572391f

SHA-1:
3c6cb0407bfce2f828dd1d8f217aa095230f0edd

SHA-256:
b3bc32db8faf84632546e4ff9cdc83ac648b51cd26c7e78b8ba4c5ddcc105cb3

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
4/18/2024 10:16:43 PM UTC

Scan engine | Detection | Engine version
AhnLab V3 Security | PUP/Win32.DomaIQ | 2015.03.06
AVG | Adware Generic_r.NH | 2014.0.4253
Dr.Web | Adware.Downware.4305 | 9.0.1.05190
ESET NOD32 | Detection.Undefined | 7.0.302.0
NANO AntiVirus | Riskware.Win32.Downware.dchfoa | 0.30.0.296
Reason Heuristics | Threat.Win.Reputation | 15.6.11.1
Rising Antivirus | PE:Trojan.DL.Win32.Tugspay.i!1075356010 | 23.00.65.15304
Zillya! Antivirus | Adware.DomaIQ.Win32.304 | 2.0.0.2089

File size:
161.4 KB (165,261 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\player_setup.exe

File PE Metadata
Compilation timestamp:
5/28/2014 11:26:47 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:Awe5HuXv8bLhGi3s2jwIQ0ovMk2wZCik2fJaTAmI:roHuXfi3s2s2ovMokgaEF

Entry address:
0x3FD6

Entry point:
B8, 8C, 1E, 49, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 61, 73, 64, 66, 76, 65, 73, 76, 76, 77, 00, C7, 47, 9A, 81, C7, DF, C6, 8D, E5, 4D, 0C, 69, 7A, AF, 51, DA, C5, A1, 0B, A7, 00, EF, 4C, 8D, 2E, AC, 4E, 8E, 17, E6, 98, C3, BD, BE, CE, 16, E3, 2A, 81, 1B, 3B, 5D, C4, 73, 35, 65, 4A, 9C, 98, 2D, F8, E6, D6, 93, 97, 78, E7, 5C, 4E, AB, 00, 1E, C8, 86, E8, FB, C8, E1, BD, BC, 6D, B1, CC, D5, 81, DF, 97, D3, 12, 7F, B9, 2D, BE, 38, 40, 64, 09, 1B, 67, 02, F4, 52, 9C...
Code size:
38.5 KB (39,424 bytes)
