» live-player_setup.exe
Overview
Analysis
File Details
Downloads (1)

live-player_setup.exe

The executable live-player_setup.exe has been detected as malware by 10 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from download.live-player.com.

File name:

MD5:

18fd899bd087778bd6c59cb384a94076

SHA-1:

c9b647ca5fb7ee3fb2ddaa05f8567fbd20aa3544

SHA-256:

f262f9b6d5e97d88ea29d7f99d552dad97afbb3a90cdefe46829bcb459fba4fa

Scanner detections:

10 / 68

Status:

Malware

Analysis date:

11/6/2024 12:29:20 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Hrupka-A [Cryp]

160327-1

Dr.Web

probably Trojan.Packed.680

9.0.1.05190

Emsisoft Anti-Malware

Trojan.Skintrim.3284

11.5.0.6191

ESET NOD32

Win32/Skintrim.IQ trojan

8.0.319.0

F-Prot

W32/Wintrim.C.gen

4.6.5.141

F-Secure

Trojan.Skintrim.3284

5.15.96

Kaspersky

Packed.Win32.Katusha

15.0.0.562

McAfee

Trojan.Downloader-BPJ

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.217.1832.0

Norman

Trojan.Skintrim.3284

10.04.2016 15:29:17

File size:

652.2 KB (667,896 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\live-player_setup.exe

File PE Metadata

Compilation timestamp:

3/22/2007 11:24:22 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:kbkiMpzR4lEJSqZ5TSHUh2p3CTjdt8nw7ZGCeN7Qo5zasiJxlbi+pEVTmj:QSow5cwjTjdf7ZGH2o5znuxlbi4kTM

Entry address:

0x1D50

Entry point:

53, C1, E8, 03, 66, 25, 00, 00, 80, F1, 48, 34, AA, 66, 03, C3, 66, 03, D3, 83, C0, 18, B9, 30, 18, 40, 00, 66, 35, 00, 00, C1, EB, 09, FF, D1, 05, 16, F7, 19, BA, 25, CA, 15, 00, 00, 2D, 7A, 8E, 8F, 00, 2D, 40, 52, 72, 00, 5B, C3, 90, 90, 90, 90, 90, 90, 3A, 00, E6, 54, 1A, 00, 7A, 60, EC, CA, 00, D6, A6, 62, B2, E4, 3E, 06, 98, 00, EA, 34, CC, 82, FA, BA, 00, A6, E2, EA, CE, 78, 00, E0, 38, 00, AC, 14, 62, F8, 46, 00, 16, 0A, 66, 00, 00, D8, AC, 56, 02, D8, 40, 00, 00, 94, 9E, E0, 02, C6, 00, 34, BA, FA... 
[+]

Code size:

306 KB (313,344 bytes)

The file live-player_setup.exe has been seen being distributed by the following URL.

http://download.live-player.com/Live-Player_setup.php?&grpid=3332&tag_id=928&nums=FHX.e9cAOb

Remove live-player_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.