home

1316970091_rageinstaller.exe

Project RAGE Web Installer

Project RAGE Team

This is a self-extracting archive and installer. The file has been seen being downloaded from www.gta4-mods.com.
Publisher:
Project RAGE Team

Product:
Project RAGE Web Installer

Version:
1.0.0.0

MD5:
3e71d6377f5ea622b8938c3e5b4729d2

SHA-1:
29d334ec6a2b4506fce15d6ecbd4bb7f46c86a0a

SHA-256:
f32a594dd865527ad694e4541f092e594b3e27797a24878f3de2a3a6df1dc6db

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/15/2024 9:07:10 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6379

File size:
1.9 MB (1,984,000 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © PythEch 2011

Original file name:
RAGEDropboxWebInstaller.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\1316970091_rageinstaller.exe

File PE Metadata
Compilation timestamp:
9/22/2011 6:24:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:op1LODop1iJJidPtUAnvvEQrC4v+Q/8W98u2/:Ed6opEUFv++bk

Entry address:
0x3E034

Entry point:
FF, 25, 24, E0, 43, 00, 00, 00, 5F, 43, 6F, 72, 45, 78, 65, 4D, 61, 69, 6E, 00, 6D, 73, 63, 6F, 72, 65, 65, 2E, 64, 6C, 6C, 00, 3C, E3, 0E, 00, 7B, 7A, 7D, 02, 3D, 25, 4E, 2B, C8, CA, D1, 02, 89, 85, 73, CF, CB, 0D, AC, EC, 34, 50, 99, AD, C7, CF, 65, EF, FE, 6B, 11, A9, 96, CB, 1A, 37, AE, 1B, CC, EE, 29, 32, 52, AA, B5, B9, 5D, 2E, A5, 7E, E2, 54, 7E, 10, AE, C1, 34, 83, 3F, 49, 74, BE, 47, AD, 8C, D4, 17, 3B, 49, 77, E0, C0, 4B, BE, FD, ED, A3, 68, 4E, 83, 62, 5E, 17, A4, 37, 22, 6D, 8D, B0, C4, 78, E2...
 
[+]

Code size:
1.8 MB (1,839,616 bytes)

The file 1316970091_rageinstaller.exe has been seen being distributed by the following URL.

http://www.gta4-mods.com/.../10477

Scan 1316970091_rageinstaller.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.