home

hdvideoplayer.exe

Gugomani

Silagepu

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.nowbitstag.com.
Publisher:
Silagepu

Product:
Gugomani

Description:
Gugomani Setup

Version:
1.5.2.7

MD5:
aaed3eeff36cf4c249f72923b664f855

SHA-1:
d3f9d67be60b45d4a2539ff87528733805a7d4bd

SHA-256:
e2bdd5b584980b1e6096225d938202c52b94f4f26ad832633c840a35e621f2eb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/6/2024 12:30:27 AM UTC  (today)

File size:
1.1 MB (1,114,912 bytes)

Product version:
5.8.8

Copyright:
Internet Application Program

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\hdvideoplayer.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:1gvaiPYpMIblKQzbjsAbr+KOIwk/cdyBjOK90P5yxm86LEA:1gSiUlKAjsSCKOI7x7xm86gA

Entry address:
0x9C40

Entry point:
F6, C2, 26, BB, 65, A8, 88, FA, 31, C0, 81, F2, 70, 3D, D3, CF, 10, F0, 4A, 69, ED, F7, D0, 14, 83, 85, CD, 69, E9, EF, 14, B2, 67, 19, FD, 85, CE, 75, 01, 4E, 8B, D1, 72, 06, C6, C7, 2E, F6, C6, A5, 85, EA, 75, 04, 85, E8, 86, F8, B9, 00, 00, 00, 00, 08, E0, 8A, FF, 33, CA, 70, 0A, 84, E5, 81, C0, 99, E4, 48, F2, 01, DF, 0F, AF, CF, F2, 68, 42, 42, 68, 00, 68, 58, 0D, C4, 00, 34, 7C, 69, DA, B0, D1, 49, C5, 49, 53, F7, C5, 7A, 2D, 4F, 88, 0F, AF, F5, E8, 00, 00, 00, 00, 5B, F7, C2, 64, 23, 85, 2E, C7, C5...
 
[+]

Entropy:
7.9131  (probably packed)

Code size:
37 KB (37,888 bytes)

The file hdvideoplayer.exe has been seen being distributed by the following URL.

http://www.nowbitstag.com/WVl6OTRQVTQyVEhreWNUSklielU1YWxvd2JUVnRTemxJVlRCTVRqQTBVbGR3YVRkQ1UyOXFaMFZ4WTJaclIwa2xNMFFtWXowbE1rSlRTMHRqVWtrMUpUSkNkRXRJVVZacmNGUlROMWRaWWprMFdFZG9VRTF5VlNVeVJsaGlPWEpQZWs5UlFuZEVUbGwzZVVKS1dYcHhNa3R3TkZWTkpUSkNkMG81U0hGUWFWbDZTMjF4UXpGVFNDVXlRbUY0TVU1NFV6aHhUazRsTWtaSWQwMDNKVEpHU0d0WlJqbFhXamhqTVhKalZtRnpkbkpRV0hOM0pUSkNNVWRzVEROS05VbDJRVmxLZUVjbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0yRWxNbVlsTW1aalpHNHVjMjltZEdSc2NHOXlkR0ZzTVRFNUxuaDVlaVV5WmtoRVgxQnNZWGxsY2w5VFpYUjFjQzU2YVhBbVpHOTNibXh2WVdSQmN6MUlSRlpwWkdWdlVHeGhlV1Z5TG1WNFpRPT0=

Scan hdvideoplayer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.