home

setup_player.exe

Toolwiz Player and Converter FREE

XII CNC Inc.

The program is a setup application that uses the Inno Setup installer. This is installed with multiple programs including Toolwiz Time Freeze 2014 and Toolwiz TimeFreeze. The file has been seen being downloaded from www.toolwiz.com and multiple other hosts.
Publisher:
Toolwiz   (signed by XII CNC Inc.)

Product:
Toolwiz Player and Converter FREE

Description:
Toolwiz Player and Converter FREE Setup

Version:
1.4.0.0

MD5:
7f11ff30cd087577486efbb26881245b

SHA-1:
1cc04258d865abbbe2fe455d57413bc2605b352b

SHA-256:
a375dffe6870cb222fae91717ca3bfcacfe46514f1daf99567e0941fc6db37f8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:08:03 PM UTC  (today)

File size:
5.7 MB (5,955,608 bytes)

Product version:
1.4.0.0

Copyright:
Copyright © 2011-2012 Toolwiz.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup_player.exe

Digital Signature
Signed by:
XII CNC Inc.

Authority:
VeriSign, Inc.

Valid from:
7/31/2011 8:00:00 PM

Valid to:
8/30/2012 7:59:59 PM

Subject:
CN=XII CNC Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=XII CNC Inc., L=Anyang, S=Kyunggi, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6B01A485CA0C94226AA153DE1A468248

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:c9lvWXAlmSUbfk+BmJC2VIw5RZcHuLHy08i2Rr/ZHclkDmRAc1Jt7TNLz:+IXAQSwtBYCu2HMSVtZHDDmRAc1JpR

Entry address:
0x9B60

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 66, 95, FF, FF, E8, 6D, A7, FF, FF, E8, 98, C9, FF, FF, E8, DF, C9, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 17, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, E0, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, C8, CF, FF, FF, 8B, 55, F0, B8, F0, CD, 40, 00, E8, 17, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, F0, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9991

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file setup_player.exe has been discovered within the following programs.

Toolwiz BSafe  by ToolWiz
www.Toolwiz.com
About 9% of users remove it
Toolwiz Time Freeze 2014  by ToolWiz
About 1% of users remove it
Toolwiz TimeFreeze  by ToolWiz
www.toolwiz.com/products/toolwiz-time-freeze
About 8% of users remove it
 
Powered by Should I Remove It?

The file setup_player.exe has been seen being distributed by the following 2 URLs.

http://www.toolwiz.com/download.php?action=ToolwizPlayerandConverter

http://www.toolwiz.com/.../Setup_Player.exe

Scan setup_player.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.