realplayer_br.exe

RealNetworks Installer (32-bit)

RealNetworks, Inc.

This is a self-extracting archive and installer. The file has been seen being downloaded from global-shared-files-l3.softonic.com and multiple other hosts.
Publisher:
RealNetworks, Inc.  (signed and verified)

Product:
RealNetworks Installer (32-bit)

Description:
RealNetworks Installer

Version:
5.1.0.54

MD5:
35596a47d678b46c1569e5a9f9cf69bb

SHA-1:
2d19eedc794498546cfea3457db2f3deec6e1e2a

SHA-256:
c5ba65ac5030e83021ce58ff1876e4792e73a09aab3effc877a1538f4cd2b555

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:41:29 AM UTC  (today)

File size:
794.2 KB (813,232 bytes)

Product version:
5.1.0.54

Original file name:
rnsetup.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\realplayer_br.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
7/25/2013 9:00:00 PM

Valid to:
8/15/2015 8:59:59 PM

Subject:
CN="RealNetworks, Inc.", OU=MS&S, O="RealNetworks, Inc.", L=Seattle, S=Washington, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
72B64DF3DBCC1FB70C7858961B8A5BBA

File PE Metadata
Compilation timestamp:
1/2/2014 5:42:05 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:wunxTkOvTJRGEzbg1mp37tUS3LR/sMh/lwrbvBoH:h5SEzbpRtUS3dzlObvW

Entry address:
0x3317

Entry point:
E8, E9, 41, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 38, 28, 41, 00, 00, 75, 18, E8, D0, 3B, 00, 00, 6A, 1E, E8, 1A, 3A, 00, 00, 68, FF, 00, 00, 00, E8, 2A, 37, 00, 00, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 38, 28, 41, 00, FF, 15, 10, D1, 40, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, AC, 2F, 41, 00, 74, 0D, 53, E8, 04, 20, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 32, 03, 00, 00, 89, 30, E8, 2B, 03, 00, 00, 89...
 
[+]

Code size:
48 KB (49,152 bytes)

The file realplayer_br.exe has been seen being distributed by the following 17 URLs.

http://global-shared-files-l3.softonic.com/2d1/9ee/.../file?nvb=20140408162203&nva=20140409042303&token=0f82320e8e93344949d38&id_file=11477&channel=WEB&instance=softonic_br&type=PROGRAM&fdh=no&SD_used=0&filename=RealPlayer_br.exe

http://global-shared-files-l3.softonic.com/2d1/9ee/.../file?nvb=20140322101319&nva=20140322221419&token=075f4612a99660c8bb5fc&id_file=11477&channel=WEB&instance=softonic_br&type=PROGRAM&fdh=no&SD_used=0&filename=RealPlayer_br.exe

http://cdn.deliverpackagesworld.com/c?x=cdvvZhFyL GB uXrjjxAV2PuoLa19laE1JsuBaACgs8=&c=fIMmTW Wb1fOGQjAyG/xXwox1sH WUc/zibfIwcNiXjW0vTCDXPYBQoj7A4E3vGKV/SVw4gbaJG/ SIE7e0bsQ==&fallback_url=http://forms.real.com/real/realone/.../intl_download.html?type=rp12_br&src=ZG.br.realplayer.realplayer.760.rpsp_br

http://esd.nzs.com.br/programas/.../290-RealPlayer_br.exe

http://d.likelyaa.com/?ic_user_id=9289&data=pBtXRS2lpUmVX tnPDUFHkJcEBk7yEwR1vZx2UKOQfluMsmdBYGt7o QGuu6oCTS8vnnPpHC/H/Bb79fmBlA5TzCShFjRkpJnMsHts0vHEQj3pDw9rhxTwTFBnpMNiLrL2oiJo8HBUJwQq08ldr2kCHLfh1RSv1d/5C3lGgJeoiHiU0LIaMeHF5TVJq 6YnRLox6wqYZl6P5uojHfw8Zj7Ip4bvIbcHU/5htHRbQkomxoFNCqNPLw8lQYucLBpTSXw3SqtLKP1/uGjA0nxXeiIJLhNFZ7xyZxIUg3hNPvk5dmoSVzBn5qdH6m/FAcKyd3ArmLKVLhkAsC6nBe0/V2IWTPpOQ9pzEXxgp3iKbwPMMwSFxAV6e9DmbzSTi3KByh5ysM7j4tivymafCXmCvEOP3Ckmm39Q4HrGiXDHyXJqEXp5bSqQYr4l9LLZ/e1huEy8rN9m4hbUE1BcXjCrPAV/2zlLrVytrHXIbh8dUflo10o1VNqAJxiault1Qip5sEIEc bKWggVLLu7qpoqh5IN3tzsSM9rg9h6XI0ZJtb6vNR Y27/rvZHL4FwMEyMjz5f04lydtKfx O9DHNAfAdqnL6APmIlQyEE1eQ0yDlArJuQr 55MVl9HG5c4R2wH0rG0uaHs/O5ocafZwxuP78yO6gh/RPuaHwh6PKgN2RTuJrS9dKBZ7u1bwXslJnb/HQ==&key=JxpFWsSsk4FeSuVPN5uQ3rxmN5tTZuLk0RXGM0yRKmXHfbEZGeHf Ak CdoPVwccDNG9Gqk a2mJOc6xswamyLOthUIoJPFu4M/.../55GznQ801rvNFwz0q3tBWHo1W6AkYq8nuaPk8OqZcGlz5pOgn3OQEWBDXzEeuF6vElbzdOejrdARrqgxh61dwEYFLtXreXoC

http://gerenciador.nzs.com.br/nocache/programas/urls/iron/.../realplayer-64-81-4102921.exe

Scan realplayer_br.exe - Powered by Reason Core Security