playon_media_server_crack_55tyb.exe

ROSA LTD

The application playon_media_server_crack_55tyb.exe by ROSA has been detected as adware by 20 anti-malware scanners.
Publisher:
ReallySoft  (signed by ROSA LTD)

Description:
installer.exe

Version:
2.1.2.3

MD5:
7ff25d87dde24f72771ef3d79e0012b6

SHA-1:
554476241ca8067ee600e41ad53fde4122324c1f

SHA-256:
362cae249c4876f4678024e3bee48b9c870d01b974de02ed1cb7c5fa321f6b61

Scanner detections:
20 / 68

Status:
Adware

Analysis date:
4/24/2024 10:51:19 PM UTC  (today)

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Kazy.483613 | 6212261
Agnitum Outpost | Riskware.Agent | 7.1.1
Avira AntiVirus | APPL/Downloader.Gen4 | 7.11.197.26
avast! | Win32:Rootkit-gen [Rtk] | 141214-1
AVG | Generic | 2015.0.3253
Bitdefender | Gen:Variant.Kazy.483613 | 1.0.20.1775
Clam AntiVirus | Win.Trojan.Agent-824338 | 0.98/19819
Dr.Web | Trojan.Packed.29079 | 9.0.1.05190
Emsisoft Anti-Malware | Gen:Variant.Kazy.483613 | 9.0.0.4668
ESET NOD32 | Win32/bmMedia.CS potentially unwanted application | 7.0.302.0
F-Prot | W32/A-12625e94 | v6.4.7.1.166
F-Secure | Gen:Variant.Kazy.483613 | 5.13.68
G Data | Gen:Variant.Kazy.483613 | 14.12.24
IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.8.5.0
MicroWorld eScan | Gen:Variant.Kazy.483613 | 15.0.0.1065
NANO AntiVirus | Trojan.Win32.BmMedia.didzhh | 0.28.6.64267
Norman | Gen:Variant.Kazy.483613 | 04.12.2014 14:30:06
Panda Antivirus | Trj/Genetic.gen | 14.12.21.11
Reason Heuristics | PUP.Installer.ROSA.FF | 14.12.21.22
VIPRE Antivirus | Threat.4150696 | 35418

File size:
2.2 MB (2,342,912 bytes)

Product version:
1.0.0.0

Copyright:
Copyright 2016 ReallySoft.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\playon_media_server_crack_55tyb.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/25/2014 5:00:00 PM

Valid to:
9/26/2015 4:59:59 PM

Subject:
CN=ROSA LTD, O=ROSA LTD, STREET=d. Nikulino, L=Moskovskaya obl, S=Kashirskiy rayon, PostalCode=142947, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
40D688E49E139BC003BC9099C5B15BCA

File PE Metadata
Compilation timestamp:
10/17/2014 12:46:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:IejaL6lb/R7xKYb5UQ7r+elbRVSm9veC9SoKR:hjpl3K7Qn+ibzSm9vv9SoS

Entry address:
0xE71C

Entry point:
55, 89, E5, 81, EC, 44, 01, 00, 00, 8D, 35, E6, 15, 00, 00, 68, 12, 51, 3E, 00, E8, 57, 5D, FF, FF, 83, EC, 10, 56, 6A, 40, FF, 75, FC, 53, 6A, F6, 58, 33, D2, F7, F1, 83, F8, 02, 72, F0, B9, 66, 0B, 00, 00, 8B, D1, C1, E9, 02, 74, F4, 33, C9, 75, 14, 8B, 55, 0C, D3, EF, 8B, 4D, 08, 21, 59, 04, 8B, 5D, 0C, 75, 26, 0F, B6, 70, 19, 0F, B6, 59, 19, 2B, F3, 75, F4, C7, 85, 48, FF, FF, FF, 10, 73, 43, 00, 8B, 8D, 48, FF, FF, FF, 89, 4D, F0, 8B, CA, E8, D8, C2, FF, FF, 83, C4, 14, 8D, 46, 40, 38, 18, 74, EC, FF...
 
Entropy:
6.5952

Code size:
200 KB (204,800 bytes)
