player.exe

The application player.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from www.lpmxp2021.com.
MD5:
a3cabf5b8e83654c10edfb46dc1d61da

SHA-1:
b28d178866aec52c3edfd9bb985aaa4c9215e673

SHA-256:
443ff727e522d7f6ac20021f0be68cf8dc7eaa7194fe5d7329ff66e0ba453629

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:00:25 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:SoftPulse-Q [PUP]
160518-2

Emsisoft Anti-Malware
Application.Bundler.BU
11.5.0.6191

Norman
Application.Bundler.BU
22.05.2016 07:18:28

Reason Heuristics
PUP.Softpulse.Bundler.AT (M)
16.7.9.14

File size:
170.5 KB (174,607 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\player.exe

File PE Metadata
Compilation timestamp:
7/9/2014 1:42:35 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:a7o1FnnFTMO0mkGOy0vRpEVVx3kES+RNU1+:a7o1FFgKk80pU/SFk

Entry address:
0x53EC

Entry point:
E8, F6, 61, 00, 00, E9, 39, FE, FF, FF, E9, 85, 15, 00, 00, FF, 35, 90, 00, 43, 00, FF, 15, 28, 41, 42, 00, C3, FF, 35, 90, 00, 43, 00, FF, 15, 28, 41, 42, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 73, 59, 00, 00, 6A, 01, 6A, 00, E8, DF, 68, 00, 00, 83, C4, 0C, E9, F6, 68, 00, 00, 55, 8B, EC, 56, FF, 35, 90, 00, 43, 00, FF, 15, 28, 41, 42, 00, FF, 75, 08, 8B, F0, FF, 15, 24, 41, 42, 00, A3, 90, 00, 43, 00, 8B, C6, 5E, 5D, C3, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, 33, 6B, 00, 00, 59, 85, C0, 74, 0F...
 
[+]

Entropy:
6.4970

Code size:
137 KB (140,288 bytes)

The file player.exe has been seen being distributed by the following URL.

Remove player.exe - Powered by Reason Core Security