v0newplayerqg177.exe

The application v0newplayerqg177.exe has been detected as a potentially unwanted program by 10 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “NewPlayer”. This file is typically installed with the program NewPlayer by Offers411 which is a potentially unwanted software program.
MD5:
af54c571cc3917e4662963878edefdd1

SHA-1:
18f20702a49f3c1d5eafb7e1fa7c285e5c543563

SHA-256:
05b6638efa2ce34851aa23e48f39c3a91327ac8ccee9778ea3e6a8f9b2ba7a8f

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 6:34:34 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.AddLyrics.16
861

avast!
Win32:Dropper-gen [Drp]
140813-1

Baidu Antivirus
Adware.Win32.AddLyrics
4.0.3.14821

Bitdefender
Gen:Variant.Adware.AddLyrics.16
1.0.20.1350

Emsisoft Anti-Malware
Gen:Variant.Graftor.154581
8.14.09.27.12

ESET NOD32
Win32/AdWare.AddLyrics.BK (variant)
8.10293

F-Secure
Gen:Variant.Adware.AddLyrics.16
11.2014-27-09_7

G Data
Gen:Variant.Adware.AddLyrics.16
14.9.24

MicroWorld eScan
Gen:Variant.Adware.AddLyrics.16
15.0.0.810

Reason Heuristics
Threat.Win.Reputation.IMP
14.9.27.0

File size:
182.5 KB (186,880 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ver3newplayer\v0newplayerqg177.exe

File PE Metadata
Compilation timestamp:
8/18/2014 2:03:57 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
3072:2uigokdHbItzelpZnVkxt9+TnEzfBeYJgsbq+KuhC0Pu:2u4kdKqlXnVklPBFJgsbq+KaC0Pu

Entry address:
0x10398

Entry point:
E8, EB, 62, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 10, 5B, 42, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 40, 42, 42, 00, 01, 0F, 82, CB, 63, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0...
 
[+]

Entropy:
6.1475

Code size:
101.5 KB (103,936 bytes)

Service
Display name:
NewPlayer

Type:
Win32OwnProcess


The file v0newplayerqg177.exe has been discovered within the following program.

NewPlayer  by Offers411
NewPlayer is an adware program that runs within the user's web browser and will modify various browser settings such as changing the search provider.
86% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

TCP (HTTP SSL):
Connects to ec2-52-72-157-241.compute-1.amazonaws.com  (52.72.157.241:443)

TCP (HTTP SSL):
Connects to a-0001.a-msedge.net  (204.79.197.200:443)

TCP (HTTP):
Connects to i0-h0-s2039.p9-jfk.cdngp.net  (174.35.73.108:80)

Remove v0newplayerqg177.exe - Powered by Reason Core Security