NewPlayer.exe

NewPlayer

The application NewPlayer.exe has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Product:
NewPlayer

Version:
2.1.1.9

MD5:
b90b1b511227215a8072a293262d1ca7

SHA-1:
1a7079075c6fcb76253019d9f642b9648705ab9d

SHA-256:
640a6ba956965a5d0d2031caef4a02349c1183c71e5e04523de936b520c6a291

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/25/2024 5:25:38 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.NewPlayer.J

Engine version:
14.5.20.13

File size:
2.7 MB (2,785,792 bytes)

Product version:
2.1.1.9

Copyright:
Copyright © 2013

Original file name:
NewPlayer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\newplayer\newplayer.exe

File PE Metadata
Compilation timestamp:
5/16/2014 8:39:00 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:zwLSUUWA3MminLjQe8tSnLHzYTszOAfGxyZwhh98ezXUf:zwLSdWA16jQH88TszOAfGxyZwhDzzK

Entry address:
0x2A18FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Entropy:
5.4957

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.6 MB (2,750,976 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ec2-54-213-145-21.us-west-2.compute.amazonaws.com  (54.213.145.21:80)

TCP (HTTP):
Connects to ham02s13-in-f6.1e100.net  (173.194.39.6:80)

TCP (HTTP):
Connects to ee-in-f95.1e100.net  (173.194.65.95:80)

TCP (HTTP):
Connects to ec2-54-200-225-2.us-west-2.compute.amazonaws.com  (54.200.225.2:80)
