home

karafun_player.exe

KaraFun Player

Recisio

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from dl.khophanmem.vn.
Publisher:
Recisio

Product:
KaraFun Player

Description:
KaraFun Player Setup

Version:
1.20.86

MD5:
5cf8819148cb11faeb20b026cd6f7036

SHA-1:
c652e07002667753d69e32cbb7dd6b14056b6683

SHA-256:
707c853154d325a779c6942f43f13929c65ec64535f59e553c59b6d91f2d3e16

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 12:54:41 AM UTC  (today)

File size:
5.1 MB (5,337,900 bytes)

Product version:
1.20.86

Copyright:
Copyright (C) 2007 RECISIO

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\karafun_player.exe

File PE Metadata
Compilation timestamp:
1/6/2010 4:56:24 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:ByMioiLY0uTOTGMuTM7BwvQvV8Dp+hzBgNvXe/UGhKx:B0ETOnuTM7Bwov622vX0U1

Entry address:
0x163C4

Entry point:
B5, 37, 81, FA, 3D, 14, A5, FF, 80, F8, 1A, 0F, AF, C7, 8A, C4, EB, 04, FF, C5, 11, C5, 8B, E9, 8B, C5, 69, EF, 32, D8, 4C, 78, 0F, B7, E8, BD, F7, 95, 00, 00, 81, F5, 4D, 99, 00, 00, 81, ED, BA, 0C, 00, 00, 81, ED, 0A, F3, FF, FF, 81, F5, 57, 04, 00, 00, 68, 2F, 82, 08, 00, F7, C1, 59, EC, 45, 53, 5A, 81, EA, 2F, 82, 08, 00, 87, D5, 8D, 2D, 34, A7, D7, AF, 81, F2, A1, 08, 00, 00, 85, CE, 33, D0, C7, C5, CB, A2, 6B, 39, 8D, 3A, 8D, 05, BE, 4E, 48, CA, 8B, CF, C6, C4, 04, 51, FF, CA, 5E, 81, DD, 10, B0, E6...
 
[+]

Code size:
85 KB (87,040 bytes)

The file karafun_player.exe has been seen being distributed by the following URL.

http://dl.khophanmem.vn/karafun_player.exe

Scan karafun_player.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.