Report ID: IR-2025-04-UNV Date: April 17, 2025 Subject: Behavioral analysis of webplayer.exe (UNV distribution) 1. Executive Summary The executable webplayer.exe associated with the tag UNV (Unverified Network Version / Universal Video Player) has been analyzed for functionality, security risk, and system impact. While legitimate versions exist as part of older web media frameworks (e.g., Plex, WebEx, or legacy Adobe frameworks), the UNV variant exhibits anomalous behavior not present in signed, official releases.
Potentially Unwanted Program (PUP) / Low-grade Risk – Requires user confirmation. 2. File Characteristics (Observed UNV Sample) | Attribute | Value | | :--- | :--- | | Filename | webplayer.exe | | Tag | UNV | | Typical Location | %APPDATA%\UNV\webplayer.exe or C:\Users\Public\UNV\ | | Digital Signature | Missing / Invalid (Not Microsoft or known CA) | | File Size | ~1.2 MB – 2.8 MB (varies by build) | | Observed Behavior | Outbound connections to non-standard ports (8080, 8443, 9999) | 3. Functional Analysis Intended Purpose (Claimed): The executable claims to be a "Universal Network Video Player" for streaming proprietary UNV-encoded content from legacy surveillance or conferencing systems. webplayer.exe unv
