xmplay.exe

Un4seen Developments

This is a setup program which is used to install the application. The file has been seen being downloaded from www.un4seen.com.
Publisher:
Un4seen Developments

Description:
XMPlay

Version:
3.8.1

MD5:
2d4866943150afa4a6aa56c2495fbbe7

SHA-1:
d685f4e770b0477834f9b50bdfef07751f960ff8

SHA-256:
315644af008e7a0e4d425170ea07e2d82e28204508ce7f550534d1d03899f5df

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware free.

Analysis date:
4/23/2024 11:32:41 AM UTC

Scan engine               Detection                           Engine version
Bkav FE                   HW32.Packed                         1.3.0.6379
Rising Antivirus          PE:Malware.XPACK-HIE/Heur!1.9C48    23.00.65.151212
Trend Micro House Call    Suspicious_GEN.F47V0316             7.2.348

File size:
301.7 KB (308,959 bytes)

Copyright:
Copyright © 1998-2015

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

File PE Metadata
Compilation timestamp:
3/11/2015 10:14:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:79y3CpFOp4IG95Mi+AhfFVNWeDpBcCbtOccHquDBScn6IQFupARO8qo9:w3dpiOiDhf5L/Qq1F8ix9

Entry address:
0x37DA7

Entry point:
B8, 00, E0, 54, 00, 60, 8D, A8, 00, 20, EB, FF, 68, 9D, 3E, 79, 7F, 6A, 40, 68, 00, 30, 00, 00, 68, 8F, 11, 03, 00, 6A, 00, FF, 90, 0C, 02, 00, 00, 89, 44, 24, 1C, BB, 5B, 03, 00, 00, 8D, B5, 8F, 7A, 03, 00, 8B, F8, 50, E8, 0A, 00, 00, 00, 74, 07, 8B, 44, 24, 24, FF, 50, 10, C3, 55, 81, FB, 00, 00, 01, 00, 73, 0E, 6A, 05, 68, 60, C0, FF, FF, 68, 60, FC, FF, FF, EB, 0C, 6A, 08, 68, 00, 83, FF, FF, 68, 00, FB, FF, FF, 6A, FF, 33, D2, 33, C9, AC, 32, C3, AA, 4B, 7E, 62, E8, 63, 00, 00, 00, 73, F2, 33, ED, E8...
Entropy:
7.9569  (probably packed)

Code size:
220 KB (225,280 bytes)

The file xmplay.exe has been seen being distributed by the following URL.

Scan xmplay.exe - Powered by Reason Core Security