» uplayermediaplayer-setup.exe
Overview
Analysis
File Details
Downloads (1)

uplayermediaplayer-setup.exe

Full Spectrum Interactive

The application uplayermediaplayer-setup.exe by Full Spectrum Interactive has been detected as a potentially unwanted program by 5 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from files5.safelink9.com.

File name:

Publisher:

Full Spectrum Interactive (signed and verified)

MD5:

092dfacc392062034e1db43c1c0ddb70

SHA-1:

9471739d0506569408086b439e0d0535693a8924

SHA-256:

a191b7c84dbe1e1c012c6b006cdc103d0553788f82030c1f5f783cca6a152dd4

Scanner detections:

5 / 68

Status:

Potentially unwanted

Analysis date:

5/8/2026 11:23:24 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Dr.Web

Adware.Downware.2220

9.0.1.0153

NANO AntiVirus

Trojan.Win32.Downware.crgjbr

0.28.0.58720

Reason Heuristics

PUP.Installer.FullSpectrumInteractive.Y

14.6.2.21

Sophos

Download Admin

4.98

VIPRE Antivirus

DownloadAdmin

27828

File size:

754.7 KB (772,768 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\uplayermediaplayer-setup.exe

Digital Signature

Signed by:

Full Spectrum Interactive

Authority:

VeriSign, Inc.

Valid from:

6/10/2012 8:00:00 PM

Valid to:

6/10/2014 7:59:59 PM

Subject:

CN=Full Spectrum Interactive, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Full Spectrum Interactive, L=San Francisco, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1A1AEF489C94F2C514EA16B9BEBCDEFC

File PE Metadata

Compilation timestamp:

6/22/2012 2:07:51 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:DxpJbIopF8znAyRLJi6FbkTf0O0vZ4o4lb3eVej7KFFokK:9pxtIznAyR1i+kL94Wo4ReVeaFF9K

Entry address:

0x333B

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, B0, 73, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, C0, 70, 40, 00, 53, FF, 15, 88, 72, 40, 00, 6A, 08, A3, B8, 3C, 42, 00, E8, 2C, 25, 00, 00, 53, 68, 60, 01, 00, 00, A3, C0, 3B, 42, 00, 8D, 44, 24, 38, 50, 53, 68, 43, 74, 40, 00, FF, 15, 64, 71, 40, 00, 68, 38, 74, 40, 00, 68, C0, 33, 42, 00, E8, 1D, 24, 00, 00, FF, 15, BC, 70, 40, 00, 50, BF, 00, 90, 42, 00, 57, E8, 0B, 24, 00, 00... 
[+]

Entropy:

7.4252

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

The file uplayermediaplayer-setup.exe has been seen being distributed by the following URL.

http://files5.safelink9.com/dl?bc=965998&aid=matomy

Remove uplayermediaplayer-setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.