home

rmplayer.exe

Rich Media Player

Radiocom CJSC

The application rmplayer.exe by Radiocom CJSC has been detected as adware by 2 anti-malware scanners. This file is typically installed with the program Rich Media Player by Radiocom which is a potentially unwanted software program.
Publisher:
Radiocom  (signed by Radiocom CJSC)

Product:
Rich Media Player

Version:
1.0.0.409

MD5:
24b327ca561d48c1ff6b99c8bc4d3324

SHA-1:
391125c1ca795faee8f37c214f4b179aaf747f14

SHA-256:
4477f1ab10574968563cee8aa99762ba22ea75af0e263d17ff0fe249a410b954

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
4/16/2024 8:53:58 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Paked
1.3.0.4959

Reason Heuristics
PUP.RadiocomCJSC.I
14.9.22.14

File size:
1.9 MB (1,981,728 bytes)

Product version:
1.0.0.409

Copyright:
Copyright (C) Radiocom

Original file name:
rmplayer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\rich media suite\rmplayer.exe

Digital Signature
Signed by:
Radiocom CJSC

Authority:
VeriSign, Inc.

Valid from:
9/18/2012 2:00:00 AM

Valid to:
9/19/2013 1:59:59 AM

Subject:
CN=Radiocom CJSC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Radiocom CJSC, L=Kiev, S=Ukraine, C=UA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0E7CA39F8E0D8E0B14958ACC23F8607B

File PE Metadata
Compilation timestamp:
1/9/2013 4:24:38 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:c7zkC408OTlpuPa72zphkFpz+5k0VmZOi5c6WqYIyJtM+TqZqopEVz7mPRC0MzJH:c/kCvaiIbD25c6tqAyV7mE0UJeNMb

Entry address:
0xDB47B

Entry point:
B8, 60, 86, 9B, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 62, 53, 77, AF, 18, 60, 60, 32, 53, D9, A9, 80, 39, 25, 6A, 22, A6, EE, B5, F3, 0B, B2, 26, C3, 39, 23, 5C, DE, AC, 06, F0, 8E, 23, B8, AF, 4B, C3, 17, 26, 13, 03, C7, 76, 19, B5, 66, 8C, E2, 0B, 3C, DF, A4, A2, 53, CB, 88, 95, 8C, 19, FE, 62, 4F, 80, 92, D2, 29, 22, 7F, C9, 53, 6D, 77, FE, 17, 9B, A9, B9, 5C, 53, 22, 5B, 78, 02, 5B, 45, F0, A1, 26, 0B, 83, DA, 03, 52...
 
[+]

Packer / compiler:
PECompact v2

Code size:
990.5 KB (1,014,272 bytes)

The file rmplayer.exe has been discovered within the following program.

Rich Media Player  by Radiocom
This is advertising supported software per the Terms: "There may be times when You will be directly presented with offers for additional content, software, services, or a combination of any of these things when downloading, installing, using, or updating the Software.
www.richmediaplayer.com
About 65% of users remove it
 
Powered by Should I Remove It?

Remove rmplayer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.