uplayermediaplayer-setup.exe

Full Spectrum Interactive

The application uplayermediaplayer-setup.exe by Full Spectrum Interactive has been detected as a potentially unwanted program by 13 anti-malware scanners. The program is a setup application built with the NSIS (Nullsoft Scriptable Install System) installer. The file has been observed being downloaded from files4.mirror2.info and multiple other hosts.
Publisher:
Full Spectrum Interactive  (signed and verified)

MD5:
6683da4967691bfe8fbbad132b56699a

SHA-1:
70f76eaa961b600ee98f6f3e00514917e70c9391

SHA-256:
3aeb3b7d9d3a647a07cb95f158052a433d6b295cfd4da6bc552b135a3ca74838

Scanner detections:
13 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 7:26:34 PM UTC

Scan engine | Detection | Engine version
AVG | InstallC | 2015.0.3397
Baidu Antivirus | Adware.Win32.DownloadAdmin | 4.0.3.14730
Dr.Web | Adware.DownloadAdmin.1 | 9.0.1.0211
ESET NOD32 | Win32/DownloadAdmin | 8.9117
herdProtect (fuzzy) | | 2014.9.10.11
K7 AntiVirus | Trojan | 13.178.12257
Malwarebytes | PUP.Optional.FullSpectrumAdmin | v2014.07.30.05
McAfee | Artemis!6683DA496769 | 5600.7053
NANO AntiVirus | Riskware.Win32.Downware.crgjbr | 0.28.0.59921
Reason Heuristics | PUP.Installer.FullSpectrumInteractive.Y | 14.7.30.17
Sophos | Download Admin | 4.95
Trend Micro House Call | TROJ_GEN.F47V0418 | 7.2.211
VIPRE Antivirus | DownloadAdmin | 23896

File size:
575.8 KB (589,624 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\uplayermediaplayer-setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/10/2012 5:00:00 PM

Valid to:
6/10/2014 4:59:59 PM

Subject:
CN=Full Spectrum Interactive, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Full Spectrum Interactive, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1A1AEF489C94F2C514EA16B9BEBCDEFC

File PE Metadata
Compilation timestamp:
6/22/2012 11:07:51 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:yYQxt2ctKQEGvjITZD+jcEckHnyudpc5y/zDnYDBrfw8AN:ylxIQEMIT5dAzc5y/zUDBrG

Entry address:
0x333B

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, B0, 73, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, C0, 70, 40, 00, 53, FF, 15, 88, 72, 40, 00, 6A, 08, A3, B8, 3C, 42, 00, E8, 2C, 25, 00, 00, 53, 68, 60, 01, 00, 00, A3, C0, 3B, 42, 00, 8D, 44, 24, 38, 50, 53, 68, 43, 74, 40, 00, FF, 15, 64, 71, 40, 00, 68, 38, 74, 40, 00, 68, C0, 33, 42, 00, E8, 1D, 24, 00, 00, FF, 15, BC, 70, 40, 00, 50, BF, 00, 90, 42, 00, 57, E8, 0B, 24, 00, 00...
 

Entropy:
7.9663

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file uplayermediaplayer-setup.exe has been seen being distributed by the following 4 URLs.
