home

vlc_media_player.exe

Installer

Simply Tech Ltd

One Floor App (Simply Tech/Widdit) distributes and bundles potentially unwanted programs (PUPs) using its OneFloorApp install manager (SimplyInstaller). The application vlc_media_player.exe, “Installer Setup ” by Simply Tech has been detected as a potentially unwanted program by 19 anti-malware scanners. The program is a setup application that uses the Widdit Setup installer. The installer is marketed through download protals and search ads as the VideoLAN VLC media player but will also install additional software offers which include adware, PUPs and browser toolbars.
Publisher:
Simply Tech Ltd  (signed and verified)

Product:
Installer

Description:
Installer Setup

Version:
9.2

MD5:
d5ef7da14ac1c214f394f2f507df9840

SHA-1:
1d2c1c98b963a2923c7d0e05829ca348987ff262

SHA-256:
73c93620f093854b2c54f3d22593be350ce08594d14bfe6e262b7e5ff2feb00b

Scanner detections:
19 / 68

Status:
Potentially unwanted

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/25/2024 8:24:33 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/Adware.Gen
7.11.163.240

Bkav FE
W32.HfsAdware
1.3.0.6379

Clam AntiVirus
Win.Adware.Agent-6810
0.98/21411

Dr.Web
Adware.Downware.2109
9.0.1.046

ESET NOD32
Win32/Toolbar.Widdit (variant)
10.9650

F-Secure
Gen:Variant.Adware.Mplug.21
11.2016-15-02_2

G Data
Win32.Application.SimplyTech
16.2.24

IKARUS anti.virus
BehavesLike
t3scan.2.2.29

K7 AntiVirus
Adware
13.183.13305

Kaspersky
not-a-virus:WebToolbar.Win32.FirstFloor
14.0.0.656

Malwarebytes
PUP.Optional.SimplyTech
v2016.02.15.06

McAfee
Trojan.Artemis!909C53FE174D
5600.6488

NANO AntiVirus
Trojan.Win32.WebToolbar.dejknp
0.28.2.61861

Qihoo 360 Security
Malware.QVM06.Gen
1.0.0.1015

Reason Heuristics
PUP.Widdit.SimplyTech.Bundler (M)
16.2.15.18

Sophos
SimplyInstaller
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
9321

Total Defense
Win32/Tnega.FeYaGFB
37.1.62.1

VIPRE Antivirus
Threat.4729122
35418

File size:
925.3 KB (947,464 bytes)

Product version:
9.2

Copyright:
Copyright (c) 2012, www.simplytech.com

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Widdit Setup

Language:
Swedish (Sweden)

Common path:
C:\users\{user}\downloads\vlc_media_player.exe

Digital Signature
Signed by:
Simply Tech Ltd

Authority:
COMODO CA Limited

Valid from:
4/4/2012 2:00:00 AM

Valid to:
4/5/2014 1:59:59 AM

Subject:
CN=Simply Tech Ltd, O=Simply Tech Ltd, STREET=10 Zarhin street, L=Raanana, S=Raanana, PostalCode=43662, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1FC78D842B3886BB8D32517578F7489C

File PE Metadata
Compilation timestamp:
10/13/2013 10:19:32 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:0xGaVezCTvDEiYGykfSPfhxKSyECYRK+ILTfBLXSYo:5ahDEmykqnhxKSU7+CK

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

Remove vlc_media_player.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.