realplayer_br.exe

RealNetworks Installer (32-bit)

RealNetworks, Inc.

This is a setup and installation application. The file has been seen being downloaded from forms.real.com and multiple other hosts.
Publisher:
RealNetworks, Inc.  (signed and verified)

Product:
RealNetworks Installer (32-bit)

Description:
RealNetworks Installer

Version:
4.7.0.4

MD5:
855479072a0e62cdd0d54a9d59776287

SHA-1:
1ce74a9f49fdaaf821058ec2f9585625f8617f3b

SHA-256:
1d1fcbe304414968caeb6867b754c99b848db5d323e8ab384494badd47419c9d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/30/2024 10:16:05 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0810
7.2.94

File size:
748.2 KB (766,128 bytes)

Product version:
4.7.0.4

Original file name:
rnsetup.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\realplayer_br.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
8/2/2011 9:00:00 PM

Valid to:
8/15/2013 8:59:59 PM

Subject:
CN="RealNetworks, Inc.", OU=MS&S, O="RealNetworks, Inc.", L=Seattle, S=Washington, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
17FDFBD161CDD4A95804A4808D678FCA

File PE Metadata
Compilation timestamp:
2/13/2013 4:50:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:zXINMQKUBXcD24tGGshWgR7Qi/2gPiCpbkvmysSzjwSEDPyI5d7kn+m8Uiw+nE9L:uKUBMlGBhjR77PPYoL73mUwME9Do02Up

Entry address:
0x28D7

Entry point:
E8, 5D, 3A, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 4C, 27, 41, 00, 00, 75, 18, E8, 9D, 31, 00, 00, 6A, 1E, E8, E7, 2F, 00, 00, 68, FF, 00, 00, 00, E8, F7, 2C, 00, 00, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 4C, 27, 41, 00, FF, 15, FC, D0, 40, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, BC, 2E, 41, 00, 74, 0D, 53, E8, D3, 1D, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 13, 04, 00, 00, 89, 30, E8, 0C, 04, 00, 00, 89...
 
[+]

Code size:
45.5 KB (46,592 bytes)

The file realplayer_br.exe has been discovered within the following program.

FlvPlayer  by installCore
The FlvPlayer uses the InstallCore download manager to bundle additional potentially unwanted applications including web browser extensions such as toolbars.
www.fun-media-player.com
76% remove it
 
Powered by Should I Remove It?

The file realplayer_br.exe has been seen being distributed by the following 3 URLs.

Scan realplayer_br.exe - Powered by Reason Core Security