» xp_codec-pack_2.5.1 subido por telemaco.exe
Overview
Analysis
File Details
Programs (3)
Downloads (16)

xp_codec-pack_2.5.1 subido por telemaco.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from letoltes.szoftverbazis.hu and multiple other hosts.

File name:

MD5:

a1142f285b6f02ad273c590adc901acf

SHA-1:

1e3b2f3248fa9f692b5d6e88c89bb3bad7c476fb

SHA-256:

ae946d3651172298e6bf613647f27b4855fd640d3f82d49aa95763d47ec9d557

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 1:36:05 AM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Malware.ArcadeWeb!6.425

23.00.65.14108

File size:

7.5 MB (7,858,598 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\xp_codec-pack_2.5.1 subido por telemaco.exe

File PE Metadata

Compilation timestamp:

6/6/2009 4:41:54 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:Cvt/HnmVqpRdLUOla37CflzvX6xUJcByL1upuq7Xr:s/GVqpTLrlayzvAUJcByxupuqH

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Entropy:

7.9993

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

The file xp_codec-pack_2.5.1 subido por telemaco.exe has been discovered within the following programs.

Around the World in 80 Days by Media Contact LLC

Around the World in 80 Days is a casual video games distributed through the GameTop.com download portal. The trial verison of the game in some cases drops an icon on the user's desktop 'Online Free Games' which links to a partner portal such as onlinefreegames.com.

www.gametop.com/download-free-games/80-days

8% remove it

Running Sheep by Media Contact LLC

Running Sheep is a casual PC video game distributed through the Game Top download portal. The trial verison of the game includes an icon on the user's desktop 'Online Free Games' which links to a partner portal such as onlinefreegames.com.

www.GameTop.com

4% remove it

XP Codec Pack by XP Codec Pack team

Publisher's description - “XP Codec Pack is one of the most complete codec packs which helps you to play all major audio and video formats. And...”

11% remove it

The file xp_codec-pack_2.5.1 subido por telemaco.exe has been seen being distributed by the following 16 URLs.

http://letoltes.szoftverbazis.hu/AReEbkuV1wtYtpn40ujmCQ/1482594997/.../XP-Codec-Pack-2.5.1_2.exe

http://www.freecodecs.net/.../XP-Codec-Pack-2.5.1.exe

http://letoltes.szoftverbazis.hu/iAMwAau4PDcooQZotF13Eg/1479587143/.../XP-Codec-Pack-2.5.1_2.exe

http://s3.amazonaws.com/moviecodec/.../XP-Codec-Pack_2.5.1.exe

http://letoltes.szoftverbazis.hu/Yn7jH7O2ogFNHgxpYcqbUA/1450040267/.../XP-Codec-Pack-2.5.1_2.exe

http://s6550.chomikuj.pl/File.aspx?e=EAbWxHdvR6C6XqsmgMR0C3PdcesyVOItGQbamum8yLA85LDqPXXAssIDUppYlyWbxvSanKt5nkBNtSGIqONFbrBQeptw4NHi1MDIpuykJ4HGokY1Xzbnr1CGCxgh0BdWenJjJ_aU6rBP6PVcU2hhLA&pv=2

ftp://ftp.komputerswiat.pl/MuzykaIWideo/Kodeki/.../XP-Codec-Pack-2.5.1.exe

http://letoltes.szoftverbazis.hu/6TvTdHXvEuhmMXGsQUDjEg/1462696521/.../XP-Codec-Pack-2.5.1_2.exe

https://doc-14-2o-docs.googleusercontent.com/docs/securesc/fupvb48upmdtumnnu402j3p362mo7dti/j93bvjesur880de9djj630i41bftk6o1/1461657600000/10301801386995486638/.../0B5GM1Nyj7lHZWkgycTRLd3VJMUU?e=download

http://s10178.chomikuj.pl/File.aspx?e=EAbWxHdvR6C6XqsmgMR0C3PdcesyVOItGQbamum8yLA0T4DMtIiHJmoRGLpCZJU8wTb16JCR8TvWh5D4CHux8avrnkmJUp83hPTXN_gItT4OUQSw4Zu0uyKTdPsRoYnfTaEMBhkiUTyxm4dy2pJZ1oFTdwLYDtdKednes8IxAS0&pv=2

http://downloads.hotdownloads.ru/.../XP-Codec-Pack-2.5.1.exe

http://letoltes.szoftverbazis.hu/xJEF6pzJI6UldToT3FiB_g/1459373046/.../XP-Codec-Pack-2.5.1_2.exe

http://letoltes.szoftverbazis.hu/uRn_wYtg5sHEMZ1UWAsUDA/1451151563/.../XP-Codec-Pack-2.5.1_2.exe

http://www.xpcodecpack.com/download.php?file=XP-Codec-Pack_2.5.1.exe

http://www.xpcodecpack.com/download.php?file=XP_Codec-Pack_2.5.1.exe

https://mega.co.nz/temporary/.../uFdmEZwR

Scan xp_codec-pack_2.5.1 subido por telemaco.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.