kmpaddedcode_oppercd.exe

Safe Install Software

The application kmpaddedcode_oppercd.exe by Safe Install Software has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from files4.downloadmanager149.com and multiple other hosts.
Publisher:
Supersonic Rapid Installation  (signed by Safe Install Software)

Product:
Supersonic Rapid Installation

Version:
21.3.7.865

MD5:
6d35daa280a36eaa44edc0b17ab7aad3

SHA-1:
eb69874ac2cfa0eabe13b5831742e8e0c026a87d

SHA-256:
34d8bbed44067edad554cd3042ff4d0c0d18fc9ecfacb381a3ba8afb780cad80

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/5/2024 2:27:58 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.DownloadAdmin.SafeInstallSoftware.Installer (M)

Engine version:
15.11.13.22

File size:
882.1 KB (903,272 bytes)

Product version:
21.3.7.865

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\kmpaddedcode_oppercd.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
11/3/2015 10:35:38 AM

Valid to:
9/6/2016 1:17:46 AM

Subject:
CN=Safe Install Software, O=Safe Install Software, L=San Francisco, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00E7829E9AC810013E

File PE Metadata
Compilation timestamp:
11/27/2014 9:06:32 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:f0mTd1gVE2Fel18HeVc9Rz1PPV1guA6MtYc+jJF:cg4V5FKGeVcJRgP6MtcL

Entry address:
0x3EAA

Entry point:
E8, 71, 96, 00, 00, E9, 73, 8F, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 83, EC, 20, B9, 1E, 00, 00, 00, 8D, 04, 24, EB, 03, 8D, 49, 00, C6, 00, 00, 40, 83, E9, 01, 75, F7, 53, 55, 8B, 6C, 24, 2C, 56, 8B, C5, 57, 8D, 50, 01, 8A, 08, 40, 84, C9, 75, F9, 2B, C2, 8B, F8, 8D, 5F, 02, 53, FF, 15, 1C, F2, 40, 00, 83, C4, 04, 53, 8B, F0, 55, 56, FF, 15, B0, F0, 40, 00, C6, 04, 3E, 00, C6, 44, 3E, 01, 00, 8D, 4C, 24, 10, B8, 14, 04, 00, 00, 51, 89, 74, 24, 1C, C7, 44, 24, 18, 03, 00, 00, 00, 66, 89...

Entropy:
7.9644  (probably packed)

Code size:
53.5 KB (54,784 bytes)

The file kmpaddedcode_oppercd.exe has been seen being distributed by the following 44 URLs.

