home

mkv-player_setup_download.exe

DownloadGuide

The application mkv-player_setup_download.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a setup program which is used to install the application. During install, it bundles potentially unwanted software on a user's computer at the same time without adequate consent. The file has been seen being downloaded from mkv-player.pro.de.
Product:
DownloadGuide

Version:
9.9.9.9

MD5:
0e351427dbacff756a6f5eae90cf6993

SHA-1:
001a1ffb47065ac83e04178479d99f71e921b577

SHA-256:
9c3413d24ab7e2052ba61ea78c7580fc8e3a1b02aa54cd2b68457b6404204c65

Scanner detections:
4 / 68

Status:
Potentially unwanted

Explanation:
May bundle additional potentially unwanted software such as adware during setup.

Analysis date:
1/12/2025 8:25:39 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
140516-1

Dr.Web
Trojan.DownLoader9.27736
9.0.1.0137

ESET NOD32
MSIL/DownloadGuide (variant)
8.9812

Malwarebytes
PUP.Optional.BundleInstaller.A
v2014.05.17.06

File size:
449.8 KB (460,552 bytes)

Product version:
9.9.9.9

Copyright:
Copyright © 2012

Original file name:
in.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mkv-player_setup_download.exe

File PE Metadata
Compilation timestamp:
9/25/2013 9:23:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:aAXPiHF/UJv55+ST1NJIujLfFeif4hhWTYZLQTAEArAPfl9d9ELMrZc7SE9r:aAXqGv3+y1MifFSL5EOAXjd9ELMu7V

Entry address:
0x4815E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
280.5 KB (287,232 bytes)

The file mkv-player_setup_download.exe has been seen being distributed by the following URL.

http://mkv-player.pro.de/.../download_do.php?id=16941

Remove mkv-player_setup_download.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.