smart hd player installer.exe

SmartHDPlayer

The executable smart hd player installer.exe has been detected as malware by 27 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SmartHDPlayer’. The file has been seen being downloaded from doc-08-ac-docs.googleusercontent.com and multiple other hosts.
Product:
SmartHDPlayer

Version:
2.7.1.2

MD5:
3fce4b7985d1b848ae56c80751b34b5d

SHA-1:
92dc79a86b6b3872c20f16c0b6b2923454241a5c

SHA-256:
5674fe2d63ae008b1a66d9a28cc735baf282b791e3f46102489753abef7b9d47

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
11/27/2024 2:44:22 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Scar
7.1.1

AhnLab V3 Security
Trojan/Win32.Scar
2013.07.27

Avira AntiVirus
TR/Kilim.A.12
7.11.93.56

avast!
Win32:Malware-gen
2014.9-150509

Bitdefender
Trojan.GenericKDV.1038120
1.0.20.645

Comodo Security
UnclassifiedMalware
16654

Dr.Web
Trojan.AVKill.31251
9.0.1.0129

Emsisoft Anti-Malware
Trojan.GenericKDV.1038120
8.15.05.09.06

ESET NOD32
Win32/AHK
9.8611

Fortinet FortiGate
W32/Scar.HOEI!tr
5/9/2015

F-Secure
Trojan.GenericKDV.1038120
11.2015-09-05_7

G Data
Trojan.GenericKDV.1038120
15.5.22

IKARUS anti.virus
Trojan.Win32.Cutolomo
t3scan.2.2.29

Kaspersky
Trojan.Win32.Scar
14.0.0.2066

Malwarebytes
Trojan.Agent.AI
v2015.05.09.06

McAfee
RDN/Generic.dx!cgw
5600.6770

Microsoft Security Essentials
Trojan:Win32/Cutolomo.A
1.165.247.01

MicroWorld eScan
Trojan.GenericKDV.1038120
16.0.0.387

Norman
Troj_Generic.LQZVA
11.20150509

Panda Antivirus
Trj/CI.A
15.05.09.06

Qihoo 360 Security
Malware.QVM11.Gen
1.0.0.1015

Quick Heal
(Suspicious) - DNAScan
3.14.12.00

Reason Heuristics
Threat.Win.Reputation.IMP
15.5.9.14

Rising Antivirus
PE:Spyware.KeyLogger!1.9F7B
23.00.65.14227

Sophos
Mal/Generic-S
4.91

Vba32 AntiVirus
Trojan.Scar
3.12.22.2

VIPRE Antivirus
Trojan.Win32.Generic
19886

File size:
324.5 KB (332,288 bytes)

Product version:
2.7.1.2

Copyright:
2014

Original file name:
SmartHDPlayer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\smart hd player installer.exe

File PE Metadata
Compilation timestamp:
1/31/2014 10:45:34 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:vCfW5QrnKT/EoA5YlDRy70obd8v4gPbjJOcrFPxQ8Pn8+z3wi33LiUdY:ve+HzjEwoJ0YkxdnnwALi

Entry address:
0xB6450

Entry point:
60, BE, 00, A0, 46, 00, 8D, BE, 00, 70, F9, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.8766

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
308 KB (315,392 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SmartHDPlayer

Command:
"C:\users\{user}\appdata\roaming\smart hd player installer.exe"


The file smart hd player installer.exe has been seen being distributed by the following 2 URLs.

Remove smart hd player installer.exe - Powered by Reason Core Security