vce player 1.1.7 (you can open any vce file exist here only ).exe

Ahmed Negm

The executable vce player 1.1.7 (you can open any vce file exist here only ).exe, “VCE Player 1.1.7 Installation”, has been detected as malware by 11 anti-virus scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from download1403.mediafire.com and multiple other hosts.

Publisher:
Ahmed Negm

Description:
VCE Player 1.1.7 Installation

Version:
1.1.7

MD5:
90b72042447e1d66dc957ac133de7913

SHA-1:
46ba90a5b17d82257a209e3136437543b93f4c38

SHA-256:
d1103533cea6ab5123444f8fb1b3e86d7f3b025414fb401fc231ad6f745c2e75

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
11/23/2024 7:41:03 PM UTC

Scan engine            Detection                   Engine version
Lavasoft Ad-Aware      Trojan.Generic.13138960     657
AVG                    Win32/DH{ATY5}              2016.0.3135
Bitdefender            Trojan.Generic.13138960     1.0.20.540
Emsisoft Anti-Malware  Trojan.Generic.13138960     8.15.04.18.09
F-Secure               Trojan.Generic.13138960     11.2015-18-04_7
G Data                 Trojan.Generic.13138960     15.4.25
IKARUS anti.virus      Trojan.Win32.Spy            t3scan.1.8.9.0
MicroWorld eScan       Trojan.Generic.13138960     16.0.0.324
nProtect               Trojan.Generic.13138960     15.04.10.01
Qihoo 360 Security     HEUR/QVM05.1.Malware.Gen    1.0.0.1015
VIPRE Antivirus        Trojan.Win32.Generic        39290

File size:
7.7 MB (8,118,048 bytes)

Copyright:
Ahmed Negm

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:Rt7B75SVZq9nLUMt/nlXLAQZXTogKTDQyqGlcuXSmCdR9zON3zo+:vrSV2nwMtfVLzXZKHcm1Xu9zGP

Entry address:
0x25468

Entry point:
55, 8B, EC, 83, C4, F0, B8, 88, 53, 42, 00, E8, 24, F2, FD, FF, B8, C8, 54, 42, 00, E8, 2A, 1C, FE, FF, 8B, 15, 40, 88, 42, 00, 89, 02, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, 48, 88, 42, 00, E8, E4, D3, FF, FF, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, DC, 87, 42, 00, E8, 7A, 64, FF, FF, A1, 40, 88, 42, 00, E8, AC, 4E, FE, FF, E8, DF, E0, FD, FF, 00, 00, 00, FF, FF, FF, FF, 01, 00, 00, 00, 2A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Entropy:
7.9842

Developed / compiled with:
Microsoft Visual C++

Code size:
145.5 KB (148,992 bytes)

The file vce player 1.1.7 (you can open any vce file exist here only ).exe has been seen being distributed by the following 10 URLs.

http://download1403.mediafire.com/b5bznjnl5epg/.../VCE Player 1.1.7 (you can open any vce file existed here only ).exe

http://download1991.mediafire.com/49bxizl5qqbg/.../VCE Player 1.1.7 (you can open any vce file existed here only ).exe

http://dc478.4shared.com/download/.../VCE_Player_Negm_Edition_117.exe

http://download1204.mediafire.com/8jir88uk07yg/.../VCE Player 1.1.7 (you can open any vce file existed here only ).exe