» BrowserWeb.exe
Overview
Analysis
File Details
Programs (1)
Network (3)

BrowserWeb.exe

BrowserWeb

The application BrowserWeb.exe has been detected as a potentially unwanted program by 19 anti-malware scanners. This file is typically installed with the program MixVideoPlayer by SoftForce LLC. While running, it connects to the Internet address server-54-230-81-190.mia50.r.cloudfront.net on port 80 using the HTTP protocol.

File name:

BrowserWeb.exe

Product:

BrowserWeb

Version:

1.0.0.16

MD5:

1725d3d92b5823a127002653a8f83a25

SHA-1:

bbdf3af29432c52928bdce297c00403d12f7fb86

SHA-256:

4174dcf6fdb49ce1f3b04bf7c2bc47429c201beea79ca34723169d10902ace10

Scanner detections:

19 / 68

Status:

Potentially unwanted

Analysis date:

11/23/2024 12:38:02 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Agent.PPL

605

Agnitum Outpost

Trojan.Agent

7.1.1

Avira AntiVirus

TR/Confuser.66048.5

8.3.1.6

Arcabit

Adware.Agent.PPL

1.0.0.425

Baidu Antivirus

Hacktool.MSIL.Confuser

4.0.3.15525

Bitdefender

Adware.Agent.PPL

1.0.20.800

Emsisoft Anti-Malware

Adware.Agent.PPL

8.15.06.09.08

ESET NOD32

MSIL/Packed.Confuser.J suspicious (variant)

9.11682

F-Secure

Adware.Agent.PPL

11.2015-09-06_3

G Data

Adware.Agent.PPL

15.6.25

K7 AntiVirus

Trojan

13.204.16151

McAfee

RDN/Generic.grp!ik

5600.6739

MicroWorld eScan

Adware.Agent.PPL

16.0.0.480

Norman

Obfuscated.gen!r

11.20150525

nProtect

Adware.Agent.PPL

15.06.05.01

Panda Antivirus

Trj/CI.A

15.06.09.08

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

Trend Micro House Call

TROJ_GEN.R0C1H07F115

7.2.160

Zillya! Antivirus

Trojan.Agent.Win32.541801

2.0.0.2211

File size:

64.5 KB (66,048 bytes)

Product version:

1.0.0.16

Original file name:

BrowserWeb.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\mixvideoplayer\browserweb.exe

File PE Metadata

Compilation timestamp:

5/25/2015 3:31:38 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:lpNwPRFrJzv5ZdblLc7zqxRWK049JFPuZ4A/Qy:lI/1v5Z4PqKK049fuV

Entry address:

0x106FE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.7332

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

58 KB (59,392 bytes)

The file BrowserWeb.exe has been discovered within the following programs.

MixVideoPlayer by SoftForce LLC

About 2% of users remove it

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to server-54-230-163-20.jax1.r.cloudfront.net (54.230.163.20:80)

TCP (HTTP):

Connects to server-54-230-81-190.mia50.r.cloudfront.net (54.230.81.190:80)

TCP (HTTP):

Connects to ec2-54-187-119-69.us-west-2.compute.amazonaws.com (54.187.119.69:80)

Remove BrowserWeb.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.