не подтвержден 972379.crdownload

GOM Player

PROFI-SOFT

The file не подтвержден 972379.crdownload has been detected as malware by 1 anti-virus scanner.
Publisher:
Gretech Corp.  (signed by PROFI-SOFT)

Product:
GOM Player

Version:
2, 1, 34, 5075

MD5:
c3008f83c71147c3e8677890aa1741bd

SHA-1:
34610db13b7df81542b7315c94c0347d6059c44c

SHA-256:
c55c5d7849d203d40440e3f4be73e54d61ad9524e659a039e399627b8cbba94d

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
1/10/2025 3:45:09 PM UTC

Scan engine        Detection   Engine version
Reason Heuristics  PUP (M)     17.3.12.17

File size:
872 KB (892,936 bytes)

Product version:
2, 1, 34, 5075

Copyright:
Copyright(C) 2003-2011 Gretech Corp. All rights reserved.

Common path:
C:\users\{user}\downloads\новая папка \новая папка\не подтвержден 972379.crdownload

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/4/2015 5:00:00 AM

Valid to:
9/4/2016 4:59:59 AM

Subject:
CN="""PROFI-SOFT"", OOO", O="""PROFI-SOFT"", OOO", STREET="Prospekt Piskarevsky, 10", L=Saint-Petersburg, S=Saint-Petersburg, PostalCode=195221, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008B0D4FAA82D8B1952898AE54373F0012

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

Entry address:
0x8BC34

Entry point:
52, 51, 89, FF, 75, 02, 8D, 00, 8B, 0D, 18, 51, 49, 00, 0F, B6, 01, 2C, B0, 83, E8, 08, 75, 05, E9, 36, 02, 00, 00, 68, AC, BC, 48, 00, E9, F7, 00, 00, 00, 68, D0, C8, 48, 00, E9, 62, D5, 00, 00, 03, 45, E8, 3B, E2, F8, 80, 38, 33, 0F, 85, FC, D8, 00, 00, 8B, 45, F8, 03, 45, F0, 03, 45, EC, E9, DE, E8, FF, FF, E8, 6D, F7, FF, FF, 89, 35, B8, 10, 49, 00, 86, DF, 87, 05, F5, 10, 49, 00, 66, 0F, BE, DA, 89, D3, E9, F6, D6, 00, 00, 50, E9, E5, E4, 00, 00, E8, 5D, 53, F7, FF, C3, 6A, 00, E9, 75, D1, FF, FF, A1...
 

Code size:
581 KB (594,944 bytes)