player-chrome.exe

System Applet

This adware bundler is distributed through Adknowledge's advertising supported software managers. The application player-chrome.exe, “Fusion Install ” by System Applet has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Adknowledge Fusion installer. With this installer, users are expecting to download Google's Chrome web browser but before that occurs they may be presented with additional offers, mostly potentially unwanted software or adware.
Publisher:
Fusion Install   (signed by System Applet)

Product:
Fusion Install

Description:
Fusion Install

Version:
2.4.8.1

MD5:
d9e2a0ebe8e4495a3e799a4a241ac1eb

SHA-1:
13db5018fabbb39be75d18cc18222417353a464e

SHA-256:
a88c4c162edd573727da589526175f38c1cf4ba4562ecbc6e3ac5c65def8b651

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This installer bundles various adware prorgams that may include toolbars and web browser advertising injectors/extensions.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 1:06:52 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Adknowledge (M)
17.3.16.11

File size:
226.4 KB (231,800 bytes)

Product version:
2.4.8.1

Copyright:
Copyright (C) 2013 Fusion Install

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\users\{user}\downloads\player-chrome.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/23/2014 7:00:00 PM

Valid to:
3/24/2015 6:59:59 PM

Subject:
CN=System Applet, O=System Applet, STREET="4600 Madison Ave, 10th FL", L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
18FCD6B5EEB5AEC66D0222B5CA1850D9

File PE Metadata
Compilation timestamp:
7/2/2014 4:00:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x10617

Entry point:
E8, 40, 36, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 48, 92, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 30, 90, 42, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63...
 
[+]

Entropy:
6.3538

Code size:
158.5 KB (162,304 bytes)

Remove player-chrome.exe - Powered by Reason Core Security