mediaplay-admin.exe

Media, LLC

The application mediaplay-admin.exe by Media has been detected as a potentially unwanted program by 11 anti-malware scanners.
Publisher:
Media, LLC  (signed and verified)

MD5:
3d38beecff00ea60240d66a5106bf3ce

SHA-1:
5e81cc3f71f92fba965b52a1f08d90145e996845

SHA-256:
c41ede42f74053abfbd39497e5a41846de5a937114545de1d30a0d57a95b5b40

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 7:26:58 AM UTC

Scan engine      Detection                               Engine version
Agnitum Outpost  PUA.Downloader                          7.1.1
Avira AntiVirus  PUA/MediaGet.Gen                        8.3.1.6
AVG              Media                                   2017.0.2843
Baidu Antivirus  PUA.Win32.MediaGet                      4.0.3.1625
Bkav FE          W32.HfsAdware                           1.3.0.6979
Dr.Web           Program.Mediaget.135                    9.0.1.036
ESET NOD32       Win32/MediaGet.AE potentially unwanted  10.11989
K7 AntiVirus     Adware                                  13.207.16667
Kaspersky        not-a-virus:Downloader.Win32.MediaGet   14.0.0.708
McAfee           Artemis!3D38BEECFF00                    5600.6499
Quick Heal       Downloader.MediaGet.r5 (Not a Virus)    2.16.14.00

File size:
114.5 KB (117,240 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\mediaplay-admin.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/16/2013 6:00:00 AM

Valid to:
5/16/2016 5:59:59 AM

Subject:
CN="Media, LLC", O="Media, LLC", STREET="korp.2 Liter A, 4 Optikov ul.", L=St. Petersburg, S=Russian Federation, PostalCode=197374, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00888D89600E3B2E7392B928DD5903A546

File PE Metadata
Compilation timestamp:
9/4/2013 6:03:08 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
1536:x+p8g/lgHpftR1zlnT3vACCALIDpD8XSkJGvhRScqY/KvIVQ5qJ3Lh:OaFBxnjvAvB5EGJRHIgVQ5qJ3

Entry address:
0x4B04

Entry point:
E8, 2F, 5F, 00, 00, E9, A4, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 50, A5, 41, 00, 89, 0D, 4C, A5, 41, 00, 89, 15, 48, A5, 41, 00, 89, 1D, 44, A5, 41, 00, 89, 35, 40, A5, 41, 00, 89, 3D, 3C, A5, 41, 00, 66, 8C, 15, 68, A5, 41, 00, 66, 8C, 0D, 5C, A5, 41, 00, 66, 8C, 1D, 38, A5, 41, 00, 66, 8C, 05, 34, A5, 41, 00, 66, 8C, 25, 30, A5, 41, 00, 66, 8C, 2D, 2C, A5, 41, 00, 9C, 8F, 05, 60, A5, 41, 00, 8B, 45, 00, A3, 54, A5, 41, 00, 8B, 45, 04, A3, 58, A5, 41, 00, 8D, 45, 08, A3, 64, A5, 41...
Code size:
80 KB (81,920 bytes)