topmediaplayer.exe

The executable topmediaplayer.exe has been detected as malware by 7 anti-virus scanners. This is a setup program which is used to install the application. Infected by the Parite virus, a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives. The file has been seen being downloaded from www.freemedia-player.com.
MD5:
57e3dd8f20ec7098f53541bfdb66c56e

SHA-1:
c6c10df69b5c31d93be1de01ad42a7f1eff931d3

SHA-256:
2c941805827b7573434a3ddf1a088744c66417121a3d76362f98ad848a259a9c

Scanner detections:
7 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
12/27/2024 7:22:11 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Parite
160327-1

Dr.Web
riskware program Program.Unwanted.1291, Win32.Parite.2
9.0.1.05190

ESET NOD32
Win32/Parite.B virus
7.0.302.0

F-Prot
W32/Parite.B
4.6.5.141

Kaspersky
Virus.Win32.Parite
15.0.0.562

Microsoft Security Essentials
Threat.Undefined
1.215.3073.0

VIPRE Antivirus
Threat.46249
47848

File size:
5.2 MB (5,473,750 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\topmediaplayer.exe

File PE Metadata
Compilation timestamp:
12/6/2009 4:20:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:a915I40ifyjD5E5dRmral/RVmhw2iKeeDrUOFh857XQVJ:aJuSyP52Ialmhw2i1eDrUAyJgz

Entry address:
0x4B000

Entry point:
90, 68, 25, 8A, 19, 00, 5B, 90, BE, 1C, B0, 44, 00, 90, 90, 68, 98, 05, 00, 00, 5F, 31, 1C, 3E, 83, EF, 04, 90, 75, F7, 90, 90, CD, F7, 18, 00, 25, 8A, 19, 00, 25, 8A, 59, 00, EE, BA, 19, 00, 0D, 45, 49, 00, F3, 5F, 49, 00, 25, 3A, 1B, 00, 24, 8A, 19, 00, 45, FA, 59, 00, A1, F2, 59, 00, B3, F2, 59, 00, 9D, E8, 19, 00, A7, F2, 19, 00, B1, F2, 19, 00, 45, D4, 19, 00, A7, F2, 19, 00, B1, F2, 19, 00, 25, 8A, 19, 00, 25, 8A, 19, 00, 25, 8A, 19, 00, 25, 8A, 19, 00, F1, FA, 59, 00, 25, 8A, 19, 00, 25, 8A, 19, 00...
 
[+]

Entropy:
7.9901  (probably packed)

Code size:
22.5 KB (23,040 bytes)

The file topmediaplayer.exe has been seen being distributed by the following URL.

Remove topmediaplayer.exe - Powered by Reason Core Security