» kantoplayer.exe
Overview
Analysis
File Details
Downloads (4)

kantoplayer.exe

Kanto Player

Globosoft S.R.L.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.softonic.com and multiple other hosts.

File name:

kantoplayer.exe

Publisher:

Globosoft S.R.L.

Product:

Kanto Player

Description:

http://www.kantokaraoke.com/

Version:

7.0.0.0

MD5:

7a27c1ac5d1b42488747d638f56698ac

SHA-1:

1c9ede2bcb89da36fafec23dd32cdf476c970e80

SHA-256:

77c894086c63136860ba9fe8fe20616da08be5175b7e1d84e09a32a5559f5dc7

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 11:47:20 AM UTC (today)

File size:

9.7 MB (10,164,336 bytes)

Product version:

7.0.0.0

Globosoft S.R.L. 2015

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Common path:

C:\users\{user}\downloads\kantoplayer.exe

File PE Metadata

Compilation timestamp:

6/19/1992 4:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:Hn+O0EK0IKowMNgrZ2pQvTxEBOLPtxKHStExLnU/aE7afQ0HxQdtm:eFGosF28E2XoIiQdQ

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9973

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file kantoplayer.exe has been seen being distributed by the following 4 URLs.

http://www.softonic.com/sads/tracker.php?ev=c&co=PY&sid=0278eac3ff54400ba0f0e137cc9cb164&upv=27ff0081b8e8ee8d384abcfd1d6232c6&z=results&sk=0&abp=0&abt=&eid=&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F2C5A95DD48BEC7DE4585B81C85FFC89A02496D1487273C54FDAE0A052A9AA28FB207A0DEE1F98399DFBD09D5785E1B84B46959B2C2FCFAE634A2883A43876C5F80070303F3A02086B4B7107146CB044C1A5B9660ED1BB9877CBBC9B0063CAEFAACC9BF71139A6784A0EDD2D0E46706253EA5FCCD1B9D9BB029B86147DDFE68644FFB83E9F347B5FA94EE98C111F4F3FB4&h=80A2BB68EE84F7DBEC1ED873CFE04AA279FFDB18EB3AAA1AD717D12AE732DD2B&directdownload=1&f=69684966&d=http://www.download77.net/.../KantoPlayer.exe

http://www.softonic.com.br/sads/tracker.php?ev=c&co=BR&sid=a99e534e5a06df5673f77d985e5b8b31&upv=28eab7b406e989712653e6fce59087ef&z=results&sk=0&abp=0&abt=&eid=&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAB9D0A325A0C66CC51714148938FC8A6436A83A7EB414729E5C1F9F319E08F2B5347CC2F4ABA617BE5CDD46B6DF617DD0546B323EDF48CC8095A6FE213C3C6FADD92322CBB87200426A5BC6FADFC8E73D9236A1D9ABB07C3FA2F13B12A8511A09A179F90584725A546FEAF9465462207006608BD3BBF885CCDF22E42164655C22912956291F7559EE49D2D9A696140161F0A57FB6D3BF5A9DC21DACC9C50E3A2B&h=84B9768F18784F410C79862322DB71782848844F077ADD39C5EE63AD156C5BCD&directdownload=1&f=69684966&d=http://www.download77.net/.../KantoPlayer.exe

http://download77.net/.../KantoPlayer.exe

http://www.download77.net/.../KantoPlayer.exe

Scan kantoplayer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.