home

player setup.exe

The application player setup.exe has been detected as a potentially unwanted program by 33 anti-malware scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from dl.game-time.co.
MD5:
5ffec58f6d2113d6c27ddc9f36b29ca9

SHA-1:
d48edfde5102940c7903ea589b9b0d0b391298c1

SHA-256:
b9a16fb30726458b74064a82d4e816f92ca4c2ce794b8f26b95a706a20e384a0

Scanner detections:
33 / 68

Status:
Potentially unwanted

Analysis date:
11/7/2024 10:29:58 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Generic.1144744
733

Agnitum Outpost
Packed/PECompact
7.1.1

AhnLab V3 Security
Win-PUP/SoftPulse
2015.01.14

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

avast!
Win32:SoftPulse-DJ [PUP]
150101-1

AVG
Generic
2016.0.3211

Bitdefender
Application.Bundler.SoftPulse.P
1.0.20.165

Bkav FE
W32.HfsAdware
1.3.0.6267

Clam AntiVirus
Win.Adware.Softpulse-91
0.98/19965

Comodo Security
Application.Win32.SoftPulse.D
20702

Dr.Web
Trojan.Domaiq.107
9.0.1.033

Emsisoft Anti-Malware
Adware.Generic.1144744
8.15.02.02.07

ESET NOD32
Win32/SoftPulse.W potentially unwanted application
9.7.0.302.0

Fortinet FortiGate
Riskware/SoftPulse
2/2/2015

F-Prot
W32/S-68b8ba6a
v6.4.7.1.166

F-Secure
Adware.Generic.1144744
11.2015-02-02_2

G Data
Application.Bundler.SoftPulse
15.2.24

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.8.6.0

K7 AntiVirus
Unwanted-Program
13.191.14631

Kaspersky
not-a-virus:Downloader.Win32.DriverUpd
14.0.0.2548

Malwarebytes
PUP.Optional.DigiPlug
v2015.02.02.07

McAfee
Program.SoftPulse
5600.6867

MicroWorld eScan
Application.Bundler.SoftPulse.P
16.0.0.99

NANO AntiVirus
Trojan.Win32.DriverUpd.dmhxcl
0.30.0.64448

Norman
Inject.!gen
11.20150202

Panda Antivirus
Trj/Genetic.gen
15.02.02.07

Qihoo 360 Security
Malware.QVM17.Gen
1.0.0.1015

Reason Heuristics
Threat.Win.Reputation.IMP
15.2.2.8

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.15131

Sophos
PUA 'SoftPulse' (of type Adware)
59

Vba32 AntiVirus
Signed-Adware.Softpulse
3.12.26.3

VIPRE Antivirus
Threat.4783235
36504

Zillya! Antivirus
Adware.SoftPulse.Win32.86
2.0.0.2038

File size:
829.1 KB (849,024 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\player setup.exe

File PE Metadata
Compilation timestamp:
1/16/2015 8:28:41 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:wDFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPh:MFhwFzPBYb02y4SA5Mo

Entry address:
0xD1F6

Entry point:
B8, 04, 4F, 4F, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 72, 77, 61, 73, F1, 69, 6F, 75, 37, 69, 00, BD, E0, 1B, 9D, F3, 0F, E0, 04, B2, 30, 6F, C5, B2, 4E, 4C, DD, DE, AB, D6, 05, 75, 42, 60, 93, 74, E5, 55, A7, 31, D3, 5C, 00, F1, 79, C9, BD, 9B, F6, 2C, BA, 73, E8, 12, 7F, 3E, 56, 3A, 57, A3, F2, 41, 8D, 9A, BC, 5A, E7, 98, 33, DD, 73, 1B, C4, 6F, B6, 82, AB, 92, 10, 9B, 1B, 94, 63, B4, 0C, AF, EB, 94, 42, 06, 8E, F0, D5, 51, 7C, CA, 01, D0, 68, 23, 6D, 3D, F6, E2...
 
[+]

Entropy:
7.9793  (probably packed)

Code size:
146.5 KB (150,016 bytes)

The file player setup.exe has been seen being distributed by the following URL.

http://dl.game-time.co/.../donwload?CID=275368&SID=CA&AFID=296812&rd=1&AffiliateReferenceID=339165005-3626&p_r=Global_Gameoff_STT_Solitaire

Remove player setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.