home

video-player.exe

Mirage Computer Systems GmbH

Publisher:
Mirage Computer Systems GmbH  (signed and verified)

MD5:
23c3d794ce12c9b57bd0c3b5354bf9f1

SHA-1:
7450ac1df54c8d5016e006790ecea0298f020d70

SHA-256:
ed5016ff1ce652d66fac8841fcc80017e438f4842fe0854384be6826b59c7547

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 12:25:07 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan-Dropper.Win32.Dorifel
t3scan.1.6.1.0

File size:
3.4 MB (3,600,264 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\video-player.exe

Digital Signature
Signed by:
Mirage Computer Systems GmbH

Authority:
The USERTRUST Network

Valid from:
2/16/2010 1:00:00 AM

Valid to:
2/16/2013 12:59:59 AM

Subject:
CN=Mirage Computer Systems GmbH, O=Mirage Computer Systems GmbH, STREET=Auf der Steige 12, L=Aulendorf, S=Baden-Wuerttemberg, PostalCode=88326, C=DE

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
14AEC1B22AA4C88D30AE5EDB61C7CD73

File PE Metadata
Compilation timestamp:
8/23/2012 8:23:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
49152:d0WXlRCSjwDow7mCoNC2SbIXSiG8ktTp56efBVddOPehLjsNlIdqB:5l4sWz7mtNQIXSz6epgqklSqB

Entry address:
0x1000

Entry point:
68, B0, 0D, 01, 00, 68, 00, 00, 00, 00, 68, 9C, CB, 74, 00, E8, EB, 41, 0F, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, E4, 41, 0F, 00, A3, A0, CB, 74, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, D1, 41, 0F, 00, A3, 9C, CB, 74, 00, B8, 5C, 28, 67, 00, A3, EC, CB, 74, 00, E8, 62, 14, 12, 00, E8, 8C, F0, 11, 00, E8, 04, E3, 11, 00, E8, 0F, D4, 11, 00, E8, 8E, 5F, 11, 00, E8, BF, 5D, 11, 00, E8, 6C, 4A, 11, 00, E8, 19, 32, 11, 00, E8, 40, 14, 11, 00, E8, D5, 30, 10, 00, E8, 6B, 23, 10, 00...
 
[+]

Packer / compiler:
PKLITE32, 0x1.1

Code size:
2.1 MB (2,232,832 bytes)

Scan video-player.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.