VideoPlayer.exe

Video Player Plugin

Dizi Company LTDSTI

The executable VideoPlayer.exe has been detected as malware by 17 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.bufiyataolmaz.com.
Publisher:
Dizi Company LTDSTI

Product:
Video Player Plugin

Description:
Video Player

Version:
1.0.0.0

MD5:
448e7ad78ebebc053c2ac7ad7794f6e1

SHA-1:
ab459e1c3b35b110f76dd919e71393e329679397

SHA-256:
4c292de80b8159ac994f96612ba6239598c2ea0ee6b7517643e228f526781417

Scanner detections:
17 / 68

Status:
Malware

Analysis date:
11/26/2024 11:21:31 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/BHO.Sebutag
7.11.58.210

avast!
Win32:Dropper-gen [Drp]
2014.9-160726

Bitdefender
Trojan.Generic.8551052
1.0.20.1040

Comodo Security
TrojWare.Win32.Agent.~fry
15063

Emsisoft Anti-Malware
BrowserModifier.Win32.Sebutag.AMN
8.16.07.26.01

F-Secure
Trojan.Generic.8551052
11.2016-26-07_3

G Data
Trojan.Generic.8551052
16.7.22

IKARUS anti.virus
BHO.Win32.Sebutag
t3scan.1.3.5.0

K7 AntiVirus
Riskware
13.158.8156

McAfee
Artemis!448E7AD78EBE
5600.6326

Microsoft Security Essentials
BrowserModifier:Win32/Sebutag
1.163.1557.0

MicroWorld eScan
Trojan.Generic.8551052
17.0.0.624

Norman
Suspicious_Gen4.BXKXO
11.20160726

nProtect
Trojan.Generic.8551052
13.01.27.01

Panda Antivirus
Trj/Agent.MIZ
16.07.26.01

Trend Micro House Call
TROJ_GEN.RCBB1AI
7.2.208

VIPRE Antivirus
Trojan.Win32.Generic
15236

File size:
388 KB (397,312 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2012

Trademarks:
VideoPlayer LTD

Original file name:
VideoPlayer.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\videoplayer.exe

File PE Metadata
Compilation timestamp:
11/28/2012 7:07:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:TLAX1I709jJrKljlewNs0EqFja0lD9QiaLcFm0IL13ZlBhy73hjozJXgEHw41Brf:XAxKljlV9QpbjHlng93lc

Entry address:
0x49EFE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
288 KB (294,912 bytes)

The file VideoPlayer.exe has been seen being distributed by the following URL.

Remove VideoPlayer.exe - Powered by Reason Core Security