3.9.1.135_20150331102851.exe

The KMPlayer

Pandora TV Co., Ltd.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is installed with the program KMPlayer (remove only). The file has been seen being downloaded from www.oldapps.com and multiple other hosts.
Publisher:
PandoraTV  (signed by Pandora TV Co., Ltd.)

Product:
The KMPlayer

Description:
The KMPlayer Setup/Install

Version:
3.9.1.135

MD5:
3a22564a1eefb99f8268d58fe005d7cc

SHA-1:
9e7b674106ee2a689559d6d67bff6abfd1b3ff23

SHA-256:
a3e26e821d83750e64383bd4d5673f4f0077c1c2c05a44050844fa562c3058fc

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 2:05:13 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.InstallMonstr!6.38
23.00.65.15331

File size:
35.7 MB (37,423,096 bytes)

Product version:
3.9

Copyright:
Copyright PandoraTV 2013.

Trademarks:
Freeware

Original file name:
KMPlayer_3.9.1.135.exe

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\3.9.1.135_20150331102851.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
3/9/2015 3:00:00 AM

Valid to:
5/12/2016 2:59:59 AM

Subject:
CN="Pandora TV Co., Ltd.", OU=IT Team, O="Pandora TV Co., Ltd.", L=Gangnam-gu, S=SEOUL, C=KR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
106CB8E1A76002B367F8EC4EAD341212

File PE Metadata
Compilation timestamp:
2/24/2012 10:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
786432:arq5u0W9DGz0/Oz1FYER21DE9VrKYMU0L+NGzx4uDIN:auwr9u0/OzP7lL2L+MzxzDIN

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

The file 3.9.1.135_20150331102851.exe has been discovered within the following program.

KMPlayer (remove only)  by Pandora.TV
www.kmplayer.com
About 7% of users remove it
 
Powered by Should I Remove It?

The file 3.9.1.135_20150331102851.exe has been seen being distributed by the following 50 URLs.

http://www.oldapps.com/kmplayer.php?app=3A22564A1EEFB99F8268D58FE005D7CC

http://www.filehorse.com/download/file/.../

http://dl3.vessoft.com/files2/k/kmplayer_windows/3.9.1.135/.../3.9.1.135_20150331102851.exe

https://d3.usercdn.com/d/.../kmplayer.3.9.exe

https://d3.usercdn.com/d/.../kmplayer.3.9.exe

http://www.softsalad.ru/.../ff6279e92ea7028c6fa72f23be32f77f

http://filehippo.com/download/file/.../

http://www.filehippo.com/download/file/.../

http://moiprogrammy.net/.../1080?orig=1080

http://filehippo.com/download/file/.../

http://www.filehippo.com/download/file/.../

http://ftp-stahuj.centrum.cz/dl/f369b754fb52328b0368f3973827e48b/5522b2e2/stahuj/download/software/secured/k/kmplayer/.../3.9.1.135_20150331102851.exe

http://www.filehippo.com/download/file/.../

http://cdn.superfilescosmos.com/c?x=HKnbWXJNhN5vyng5puJS4HbdvyNhGk3K9ak6x2LyYk0=&c=RhShl/U FJtAR1ID NZJGX0iFI33XdU5hrGM6Mh8lAskp3Rk9ODGM0/uErgr3O4P4C/Hyyn9C8FkkiCVDB0kFQ==&fallback_url=http://cdn.kmplayer.com/KMP/player/download/.../3.9.1.135_20150331102851.exe

http://filehippo.com/download/file/.../

https://d3.usercdn.com/d/.../kmplayer.3.9.exe

http://www.filehippo.com/download/file/.../

http://www.softsalad.ru/.../e90bea23e532ead12cf317d178ecf6bd

http://www.afterdawn.com/software/.../download.cfm?version_id=97900&software_id=1240&mirror_id=0&installer=0&perion=0&air_installer=0

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://download.moiprogrammy.net/KMPlayer_Rus_Setup.exe

http://ftp-stahuj.centrum.cz/dl/7c5ded1fa65552e03ca9b27d57d9747f/5568a3a9/stahuj/download/software/secured/k/kmplayer/.../3.9.1.135_20150331102851.exe

http://www.tamindir.com/indir/MjAxNS0wNC0xMCAxMDowMDozOA==/kmplayer/.../3.9.1.135

https://d3.usercdn.com/d/.../kmplayer.3.9.exe

http://filehippo.com/download/file/.../

http://download.id/.../kmplayer_DOWNLOAD.ID.exe

http://download.besplatnyeprogrammy.ru/KMPlayer_Rus_Setup.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

Latest 30 of 88 download URLs

Scan 3.9.1.135_20150331102851.exe - Powered by Reason Core Security