home

vlc_media_player.exe

Installer

Simply Tech Ltd

One Floor App (Simply Tech/Widdit) distributes and bundles potentially unwanted programs (PUPs) using its OneFloorApp install manager (SimplyInstaller). The application vlc_media_player.exe, “Installer Setup ” by Simply Tech has been detected as a potentially unwanted program by 19 anti-malware scanners. The program is a setup application that uses the Widdit Setup installer. With this installer, users are expecting to download the VideoLAN VLC media player but before that occurs they may be presented with additional offers, mostly potentially unwanted software or adware.
Publisher:
Simply Tech Ltd  (signed and verified)

Product:
Installer

Description:
Installer Setup

Version:
11.8

MD5:
d72f5c822339a8faa3c36e76bab34b43

SHA-1:
83fe062bc3ed84964084f57b8d25f68f0e51bbec

SHA-256:
0531b94baef37dd1b7ab7ea968a1bba4e4cff2341809aa869d0d135b2072b441

Scanner detections:
19 / 68

Status:
Potentially unwanted

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/19/2024 12:29:48 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/Adware.Gen
7.11.163.240

Bkav FE
W32.HfsAdware
1.3.0.6379

Clam AntiVirus
Win.Adware.Agent-6810
0.98/21411

Dr.Web
Adware.Downware.2109
9.0.1.046

ESET NOD32
Win32/Toolbar.Widdit (variant)
10.9650

F-Secure
Gen:Variant.Adware.Mplug.21
11.2016-15-02_2

G Data
Win32.Application.SimplyTech
16.2.24

IKARUS anti.virus
BehavesLike
t3scan.2.2.29

K7 AntiVirus
Adware
13.183.13305

Kaspersky
not-a-virus:WebToolbar.Win32.FirstFloor
14.0.0.657

Malwarebytes
PUP.Optional.SimplyTech
v2016.02.15.02

McAfee
Trojan.Artemis!909C53FE174D
5600.6488

NANO AntiVirus
Trojan.Win32.WebToolbar.dejknp
0.28.2.61861

Qihoo 360 Security
Malware.QVM06.Gen
1.0.0.1015

Reason Heuristics
PUP.Widdit.SimplyTech.Bundler (M)
16.2.15.14

Sophos
SimplyInstaller
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
9322

Total Defense
Win32/Tnega.FeYaGFB
37.1.62.1

VIPRE Antivirus
Threat.4729122
35418

File size:
898.6 KB (920,176 bytes)

Product version:
11.8

Copyright:
Copyright (c) 2012, www.simplytech.com

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Widdit Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\vlc_media_player.exe

Digital Signature
Signed by:
Simply Tech Ltd

Authority:
COMODO CA Limited

Valid from:
4/4/2012 2:00:00 AM

Valid to:
4/5/2014 1:59:59 AM

Subject:
CN=Simply Tech Ltd, O=Simply Tech Ltd, STREET=10 Zarhin street, L=Raanana, S=Raanana, PostalCode=43662, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1FC78D842B3886BB8D32517578F7489C

File PE Metadata
Compilation timestamp:
10/13/2013 10:19:32 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:9xGaFDpekdGp9Z1SlfscwzX0eCYRK+ILTfBLXSYo:Wau9nSSVkJ7+CK

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Entropy:
7.8692

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

Remove vlc_media_player.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.