home

bxplay.exe

Tor Browser

OLX

The executable bxplay.exe, “Tor Browser Software Updater0FileVersion” has been detected as malware by 1 anti-virus scanner.
Publisher:
Mozilla Foundation`FileDescription  (signed by OLX)

Product:
Tor Browser

Description:
Tor Browser Software Updater0FileVersion

Version:
1.0.0.0

MD5:
8a1642f97da3c16ce3b2534e49934111

SHA-1:
640f4cc6dcbbef6c4e5d01412345ff431c76aa19

SHA-256:
4e9d90dad098b13dad1e562c09432712885fb2541a56a99532152ee121eeebf2

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/27/2024 9:30:53 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.7.25.21

File size:
8.4 MB (8,762,296 bytes)

Product version:
9.2.2.3

Copyright:
License: MPL 28LegalTrademarks

Trademarks:
Mozilla

Original file name:
xgd.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\tsplayer\bxplay.exe

Digital Signature
Signed by:
OLX

Authority:
OLX

Valid from:
10/15/2015 6:07:49 PM

Valid to:
10/15/2016 6:07:49 PM

Subject:
CN=www.olx.pt, O=OLX, L=Lisboa, S=Lisboa, C=PY

Issuer:
CN=www.olx.pt, O=OLX, L=Lisboa, S=Lisboa, C=PY

Serial number:
00CF6272F99AFC8D4B

File PE Metadata
Compilation timestamp:
1/27/2016 4:11:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
80.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:5UsMaskp+rz1NKZeETvlSuK36j6yHgGr5tqeBL79vBkM3hU2YXOaceAuWPKB3v3P:U

Entry address:
0x83316E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
8.2 MB (8,589,824 bytes)

Remove bxplay.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.