The media.player.codec.pack.v4.6.0.setup.exe (Media Player - Codec Pack) File Analysis

Updated 1 year ago

Checked by Malware Check

media.player.codec.pack.v4.6.0.setup.exe

Technical Analysis

File Name	media.player.codec.pack.v4.6.0.setup.exe
File Type	Win32 EXE
Magic Bytes	`PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive`
SSDEEP Hash	786432:WJnp2lzadkmTRa2399ZXbirZo8dz84Wbh1upKADLHUTU/K2Agqte9UhhREMiZ2eY:wp2odng23TZXbirXCcOOrqg+hbEgeY
Scanner Version	1.0.181.174
Database Version	2024-07-01 10:00:17 UTC

⚠

Suspicious File Detected

Detected by 12 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

19%

Detection Rate

53,433,968

File Size (bytes)

12/62

Engines Detected

2024-07-01

Analysis Date

Scan Another File

File Identification

Hash Type	Value	Action
MD5	1c3702be6d28ae45658eb4ee9a78264b
SHA1	068b4bbee1542bcbd75ee2e2ac2502685aa65e40
SHA256	d5436500b00d73a4235474fcc1d7cf75acd694523a3e3835a0e6a17e46ce5411
SHA512	168c5a77e3f651980cf7b19e4e170ce8dde813a5c663b5d0f5bc961092c5eb7b1fcdde26464706e3ee9292dc4ad8e317df4683e6fc2a070ed8b78a2b37e2f383
ImpHash	59a4a44a250c4cf4f2d9de2b3fe5d95f

Security Engines with Detections (12 of 62)

K7AntiVirus

Adware ( 0057c4151 ) Malicious

K7GW

Adware ( 0057c4151 ) Malicious

VirIT

Backdoor.Win32.Bot.HJD Malicious

ESET-NOD32

a variant of MSIL/DotSetupIo.B potentially unwanted Malicious

Ikarus

PUA.MSIL.Dotsetupio Malicious

Webroot

W32.Adware.Gen Malicious

Antiy-AVL

GrayWare/MSIL.DotSetupIo Malicious

Xcitium

ApplicUnwnt@#u9qjexsdizlu Malicious

Microsoft

PUADlManager:Win32/Sepdot Malicious

DeepInstinct

MALICIOUS Malicious

MaxSecure

Win.MxResIcn.Heur.Gen Malicious

Fortinet

Adware/DotSetupIo Malicious

50 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

▼

Icon	Hash: 33369c891a00d0c8a052baa02e2fc5b0 Fuzzy: 313cc34a2f53b9e0e6d153d920ee01a1 dHash: aa16686868160aa2
Image Base	`0x00400000`
Entry Point	`0x00403217`
Compilation Time	2015-08-05 00:46:27
Checksum	0x032f685d (Actual: 0x032f685d)
OS Version	4.0
PEiD Signatures	`PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive`
Digital Signature	OK
Imports	8 libraries KERNEL32, USER32, GDI32, SHELL32, ADVAPI32, COMCTL32, ole32, VERSION
Exports	0 functions
Resources	16 Resources
Sections	5 Sections

Version Information

▼

Comments	Enables playback and encoding for various audio & video formats.
CompanyName	Cole Williams Software Limited
FileDescription	Media Player - Codec Pack
FileVersion	4.6.0.0313
LegalCopyright	Copyright 2024 Cole Williams
LegalTrademarks
ProductName	Media Player - Codec Pack
Translation	0x0409 0x04e4

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	23,610 bytes	24,064 bytes	6.41 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`E5E7ADDA692E6E028F515FE3DAA2B69F`
`.rdata`	`0x00007000`	4,558 bytes	4,608 bytes	5.24 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`5801D712ECBA58AA87D1E7D1AA24F3AA`
`.data`	`0x00009000`	108,536 bytes	1,024 bytes	5.03 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`CC58D0A55AC015D8F1470EA90F440596`
`.ndata`	`0x00024000`	90,112 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_CNT_UNINITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D41D8CD98F00B204E9800998ECF8427E`
`.rsrc`	`0x0003a000`	37,136 bytes	37,376 bytes	3.20 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`3921FF0B0E8B3816ED2C41AC7FEBBD47`

Resource Analysis

▼

Total Resources: 16 (36,181 bytes)

Resource Type	Count	Total Size	Percentage
RT_BITMAP	1	1,602 bytes	4.4%
RT_ICON	7	31,160 bytes	86.1%
RT_DIALOG	5	1,400 bytes	3.9%
RT_GROUP_ICON	1	104 bytes	0.3%
RT_VERSION	1	844 bytes	2.3%
RT_MANIFEST	1	1,071 bytes	3%

Certificate Chain Analysis

▼

Certificate Information

Product	Media Player - Codec Pack
Description	Media Player - Codec Pack
File Version	4.6.0.0313
Signing Date	09:37 PM 03/13/2024 (645 days ago)
Verification Status	Signed
Signers	Cole Williams Software Limited; Sectigo Public Code Signing CA R36; Sectigo Public Code Signing Root R46; Sectigo (AAA)
Counter Signers	Sectigo RSA Time Stamping Signer #4; Sectigo RSA Time Stamping CA; Sectigo
Copyright	Copyright 2024 Cole Williams