» gom media player free download.exe
Overview
Analysis
File Details

gom media player free download.exe

Local computer software

TOV Parus LINE IT

The application gom media player free download.exe, “This is software downloader” by TOV Parus LINE IT has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

Software Simple.Company (signed by TOV Parus LINE IT)

Product:

Local computer software

Description:

This is software downloader

Version:

2.2.1.1

MD5:

5d621331468e3f4a597925c3e5d3f29b

SHA-1:

b846cd5d5b45e6d57e593a1f16e9f3489939f50a

SHA-256:

9ff73fd0024dea00eac1fccbe4ba4905860d48f934fcd1cc30d566407f7e04be

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

1/14/2025 3:38:43 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.ExpressDownloader (M)

17.3.10.3

File size:

4.7 MB (4,934,336 bytes)

Product version:

2.2.1.111

Trademarks:

TrademarkOne

Original file name:

Simply.downloader

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\gom media player free download.exe

Digital Signature

Signed by:

TOV Parus LINE IT

Authority:

COMODO CA Limited

Valid from:

10/18/2016 5:00:00 AM

Valid to:

4/7/2017 4:59:59 AM

Subject:

CN=TOV Parus LINE IT, OU=IT, O=TOV Parus LINE IT, STREET="Vulytsya Magnitogorska, Budynok 1", L=Kiev, S=Kiev, PostalCode=02122, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

01032810988455843BCE2E50FA308BE6

File PE Metadata

Compilation timestamp:

6/20/1992 3:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x25F0CC

Entry point:

55, 8B, EC, 83, C4, E0, 53, 56, 57, 33, C0, 89, 45, E4, 89, 45, E8, 89, 45, EC, B8, EC, E4, 65, 00, E8, EA, 8B, DA, FF, 33, C0, 55, 68, FB, F4, 65, 00, 64, FF, 30, 64, 89, 20, E8, 0B, 40, DA, FF, 33, C0, 55, 68, 05, F2, 65, 00, 64, FF, 30, 64, 89, 20, C7, 05, BC, BF, 73, 00, 01, 00, 00, 00, E8, C2, 30, E4, FF, 8B, 15, BC, BF, 73, 00, 3B, 04, 95, B4, 3F, 73, 00, 75, 19, A1, BC, BF, 73, 00, 8B, 04, 85, B8, 3F, 73, 00, 8B, 15, BC, BF, 73, 00, 89, 04, 95, B4, 3F, 73, 00, FF, 05, BC, BF, 73, 00, 81, 3D, BC, BF... 
[+]

Entropy:

7.3205

Developed / compiled with:

Microsoft Visual C++

Code size:

2.4 MB (2,483,712 bytes)

Remove gom media player free download.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.