p2newplayerp91.exe

The application p2newplayerp91.exe has been detected as a potentially unwanted program by 17 anti-malware scanners. This file is typically installed with the program NewPlayer by Offers411 which is a potentially unwanted software program. While running, it connects to the Internet address ip-50-63-202-58.ip.secureserver.net on port 80 using the HTTP protocol.
MD5:
7e9ea092df3ac1fe2b4481b4e174b724

SHA-1:
69dd2795834542d3ee34f04fd81ae8b94649e615

SHA-256:
8460e8d412cfb6fce274ca275722b106a7ba15850a0327d9fa511c7cf458a596

Scanner detections:
17 / 68

Status:
Potentially unwanted

Analysis date:
11/2/2024 5:20:17 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.AddLyrics.18
781

AegisLab AV Signature
AdWare.MSIL.DomaIQ
2.1.4+

Agnitum Outpost
PUA.AddLyrics
7.1.1

Avira AntiVirus
ADWARE/Adware.Gen4
7.11.183.186

avast!
Win32:Adware-gen [Adw]
2014.9-141215

AVG
Adware Generic5
2015.0.3259

Baidu Antivirus
Adware.Win32.AddLyrics
4.0.3.141215

Bitdefender
Gen:Variant.Adware.AddLyrics.18
1.0.20.1745

Emsisoft Anti-Malware
Gen:Variant.Adware.AddLyrics.18
8.14.12.15.02

ESET NOD32
Win32/Adware.AddLyrics.CF (variant)
8.10691

F-Secure
Gen:Variant.Adware.AddLyrics.18
11.2014-15-12_2

G Data
Gen:Variant.Adware.AddLyrics.18
14.12.24

IKARUS anti.virus
PUA.AdLyrics
t3scan.1.7.8.0

Malwarebytes
PUP.Optional.AdLyrics
v2014.09.11.08

MicroWorld eScan
Gen:Variant.Adware.AddLyrics.18
15.0.0.1047

Reason Heuristics
Threat.Win.Reputation.IMP
14.12.15.13

VIPRE Antivirus
Threat.5063086
32938

File size:
478.5 KB (489,984 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ver0newplayer\p2newplayerp91.exe

File PE Metadata
Compilation timestamp:
9/10/2014 5:38:49 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:VUg9hVWeUxkl8JPkWOsPNEmslK3jBdPAu:VVnWeUxk4cQ1EmmKfPAu

Entry address:
0x178E9

Entry point:
E8, A9, B5, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 68, AE, 44, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 44, 9D, 44, 00, 01, 0F, 82, 82, B7, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10...
 
[+]

Entropy:
6.0995

Code size:
237 KB (242,688 bytes)

The file p2newplayerp91.exe has been discovered within the following program.

NewPlayer  by Offers411
NewPlayer is an adware program that runs within the user's web browser and will modify various browser settings such as changing the search provider.
86% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ip-50-63-202-58.ip.secureserver.net  (50.63.202.58:80)

Remove p2newplayerp91.exe - Powered by Reason Core Security