install video player.exe

The application install video player.exe has been detected as a potentially unwanted program by 29 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from download980.mediafire.com.
MD5:
1258e2b65888783e36c57b24b875ea9d

SHA-1:
2dde40eccd1e50e7579e727f858b8f9201a2c57c

SHA-256:
ad4bd34da01e5216896788f2ac29b2990accee9bd4a1117a1877a5614108eb01

Scanner detections:
29 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
11/27/2024 4:37:17 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.Outbrowse.F
334

Agnitum Outpost
PUA.OutBrowse
7.1.1

Avira AntiVirus
APPL/Downloader.Gen
7.11.170.84

avast!
Win32:PUP-gen [PUP]
2014.9-160306

AVG
OutBrowse
2017.0.2812

Baidu Antivirus
HackTool.Win32.OutBrowse
4.0.3.1636

Bitdefender
Application.Bundler.Outbrowse.F
1.0.20.330

Comodo Security
Application.Win32.OutBrowse.~A
19385

Dr.Web
Adware.Downware.1770
9.0.1.066

ESET NOD32
Win32/OutBrowse (variant)
10.10347

Fortinet FortiGate
Riskware/NSIS_OutBrowse
3/6/2016

F-Prot
W32/Outbrowse.A
v6.4.7.1.166

F-Secure
Application.Bundler.Outbrowse
11.2016-06-03_1

G Data
Application.Bundler.Outbrowse
16.3.24

IKARUS anti.virus
PUA.OutBrowse
t3scan.1.7.5.0

K7 AntiVirus
Trojan
13.183.13230

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse
14.0.0.557

Malwarebytes
PUP.Optional.OutBrowse
v2016.03.06.04

McAfee
RDN/Generic PUP.x!btx
5600.6468

MicroWorld eScan
Application.Bundler.Outbrowse.F
17.0.0.198

NANO AntiVirus
Trojan.Win32.OutBrowse.cvyscp
0.28.2.61861

Panda Antivirus
Trj/NsisDownloader.A
16.03.06.04

Qihoo 360 Security
Win32/Virus.Downloader.ad6
1.0.0.1015

Quick Heal
Trojan.NSIS.r5
3.16.14.00

Reason Heuristics
PUP.OutBrowse (M)
16.3.6.16

Sophos
OutBrowse
4.98

Trend Micro House Call
TROJ_SPNR.08AU14
7.2.66

Trend Micro
TROJ_SPNR.08AU14
10.465.06

Vba32 AntiVirus
Downloader.OutBrowse
3.12.26.3

File size:
616 KB (630,760 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\install video player.exe

File PE Metadata
Compilation timestamp:
12/6/2009 2:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:G2FyhCfsMntd1zdwVWyK1EzotWlj+kzVX0xp+lHTNo5uLMxHeXAkepYsq4U:GWyhCfsMtpwof1EzotWln3M6VXopa4U

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9785

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file install video player.exe has been seen being distributed by the following URL.

Remove install video player.exe - Powered by Reason Core Security