new player.exe

Tuguu S.L.

The Tuguu download and install manager uses the DomaIQ installer to bundle additional adware offers, such as toolbars and browser extensions, during the setup process. This software distributes modified installers that are not the same as the originals distributed by the author. The application new player.exe by Tuguu S.L. has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the TUGUU DomaIQ Setup installer.
Publisher:
Tuguu S.L.  (signed and verified)

MD5:
9bac06913253d9fdce7f816c9c044606

SHA-1:
5cabb2460994014255630c7ffefcb9324f330148

SHA-256:
f9af949f3ec931d8a7e13d79a81e6ffb4e94567c67a8124bc552dc93f891f7a7

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Bundles third-party components such as adware in the installer.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
11/8/2024 5:14:19 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Tuguu (M)

Engine version:
17.3.1.4

File size:
318.4 KB (326,008 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
TUGUU DomaIQ Setup

Common path:
C:\users\{user}\downloads\new player.exe

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
3/17/2014 9:54:13 AM

Valid to:
3/17/2015 9:54:13 AM

Subject:
CN=Tuguu S.L., O=Tuguu S.L., L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
04084650990A90

File PE Metadata
Compilation timestamp:
5/20/2014 2:40:43 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x4D24

Entry point:
B8, A8, 9C, 4A, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 70, 65, 63, 4F, 4D, 50, 41, 43, 54, 33, 00, 7F, DB, C9, 82, C0, 11, 02, E2, 89, 81, D3, 95, 0C, 7C, 20, 38, 86, 2A, 03, 03, C8, 99, F3, A4, E6, 2C, 9C, 90, 48, 90, 0C, 6D, B9, 86, 96, 1C, 54, DA, 5F, BA, 79, 42, 2D, 8D, 0A, FA, 7A, 2A, ED, 67, D1, AB, FF, B6, 66, AD, 25, F2, 3B, 02, B5, D4, 24, 85, 80, 46, 4D, EF, AF, 7E, 96, BE, D0, 68, 6D, 3E, 94, 2C, 2A, EA, 15, 97, EF, 7E, 3A, A9, FF, 97, BC, DC, 45, 41, CF...
 

Entropy:
7.9012  (probably packed)

Code size:
108.5 KB (111,104 bytes)
