pms-setup-windows-1.70.1.exe

The executable pms-setup-windows-1.70.1.exe has been detected as malware by 2 anti-virus scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This file is typically installed with the program PS3 Media Server. The file has been seen being downloaded from dl.cdn.chip.de and multiple other hosts.
MD5:
62ed94cc54ed690c79585dee4e1959d4

SHA-1:
77c625d64090831f68de8fdd7494e29e9fdd920c

SHA-256:
00495baeddd37c6d0962849c9b2d035a1618d0be189de292f35b8a6bf3acbba5

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
11/23/2024 2:52:07 PM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Trojan.Crypt.Delf.X
8.14.05.05.12

Reason Heuristics
(M)
16.5.10.23

File size:
30.1 MB (31,532,704 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\pms-setup-windows-1.70.1.exe

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:pD6zWFnoy65iRVB6Lm1evYVJP1YhFaL7nC+5rj3ay5OB:EzKoyeNmIsJ+67nfiy5g

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file pms-setup-windows-1.70.1.exe has been discovered within the following program.

PS3 Media Server  by PS3 Media Server
Publisher's description - “PS3 Media Server is a DLNA compliant Upnp Media Server for the PS3, written in Java, with the purpose of streaming or transcoding any kind of media files, with minimum configuration. It's backed up with the powerful Mplayer/FFmpeg packages.”
www.ps3mediaserver.org
About 7% of users remove it
 
Powered by Should I Remove It?

The file pms-setup-windows-1.70.1.exe has been seen being distributed by the following 4 URLs.

Remove pms-setup-windows-1.70.1.exe - Powered by Reason Core Security