» 364048_setup.dat
Overview
Analysis
File Details
Downloads (20)

364048_setup.dat

The Stronghold Demo

Firefly Studios

File name:

364048_setup.dat

Publisher:

Firefly Studios

Product:

The Stronghold Demo

Version:

1.00

MD5:

bbcd391d11c7ccdbc17c8a0136b96322

SHA-1:

f23e6ef7d592f4806dd88508adbf23959918cf40

SHA-256:

76c00452deb4bab0260e19f7c46d2722ca09704777fe012ce6a74951f1cf54ed

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 9:59:59 AM UTC (today)

File size:

57.9 MB (60,724,653 bytes)

Product version:

1.00

Original file name:

stub32i.exe

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\364048_setup.dat

File PE Metadata

Compilation timestamp:

6/16/2000 1:00:04 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

786432:eMyJrh7n7o7L7T5sIKrXQd+K78Au/6Uygtqcu2eGe8X1HwLI3ISMrnKUkvE:+3nU/CIKkR8L6UJqcuhfLI4SgvmE

Entry address:

0x84A7

Entry point:

55, 8B, EC, 6A, FF, 68, 10, 23, 41, 00, 68, E0, B5, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E8, 21, 41, 00, 33, D2, 8A, D4, 89, 15, 30, 53, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 2C, 53, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 28, 53, 41, 00, C1, E8, 10, A3, 24, 53, 41, 00, 33, F6, 56, E8, E0, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 11, 2F, 00, 00, FF, 15, EC, 21, 41, 00, A3, E4, 68, 41, 00, E8... 
[+]

Entropy:

7.9995

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

68 KB (69,632 bytes)

The file 364048_setup.dat has been seen being distributed by the following 20 URLs.

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_es&type=PROGRAM&Expires=1474352874&Signature=bbFuS7OR2idTFlIDhRh-LDu1nzR74gP~yvShqhWUkstQxVYM96VWXhQwIccDp~vRaXohN~uw404iWjW226duqmRWYwXjLPkiEIh0kpjdd63K57kjsguddvSRSCzOkBlVVzKJv5aUDy-dMWVqZeW4X9OYL6wrxq~fUtGUd3v7cZc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_es&type=PROGRAM&Expires=1442831901&Signature=KcQUOn2bHY~N71vhV5UpY0EG9IvkSXtBfP8g1OYoFg5nJxHhjzZy9A01KjQm1~6u9DrozVNZH1lwXQoz4N-2Qrqo00H0qwgSUG-Lppe1GkhR2MIdeFW6rbeo7FmwHjE176cuTHdqMGBRR73y5zm3tGH0rvlU0xAVukrlVVIMvEU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_fr&type=PROGRAM&Expires=1440247211&Signature=B7G9xeY8WwRMnrwpg73wff9Dm5g1rZyYfWNJsZZLAFvE3S5CY4w~JelDZ0sLRLGELA1KOOSFiLVfXyc6CFCwLKP6UBumIaaKQ2NmfPeCiPYEDLzTfvj2V7kh5Wve6OvMhtRUzyE6Oq2lPE2sJ0iFPJ~me6VFvybXJARgzJ6h~BI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_fr&type=PROGRAM&Expires=1465250750&Signature=itJS-SxQPcIPE8LgWZPvMAF86jJ6SwbnX4nO3FNzrrC5WUnBm0BmgdeiLgYNjGZFikd3HrSMBAIWB-ia6W1DdLFot4~G7VrB-K~FZZ9s6NHWOE7gBB71fgaK0AOA9QyGPfetMVaD55A2jDt5i-WVQs~r5lUTdP371YSVD81APYA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_es&type=PROGRAM&Expires=1435546428&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=SHcJTtZCH6Gpxb7BWXH3d-XQOR~Ugecmsd1qo50-wkkZSxj7VuPiXDQcxOQs4iwgLAt-2GNZy9LDmrg81WeBUekKSsZsz4lA9vgGCsiWLk3WiU66m2XQPPwqp3PTfLE6zso~ZDglw0FIpOAJrybJSld1w6PgCj14bdI1xJWj2V8_&filename=StrongholdDemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_es&type=PROGRAM&Expires=1478122651&Signature=bffKJIEDO3IbfJhqq9cEz-Rk7XCGLm0NSqcoassoyakxvZO0rBumd9wpLyrMM95RDNFP9npLoLUbhMhRhgStFL-htgdeQhn-xzguInfx6~~yITudtn-0teevdlCvR9YCdWNtgOcALXUXWHojtVhJhVnHNpav3kQvEnVgX44RRMI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://files.downloadnow.com/s/software/10/24/63/.../strongholddemo.exe

http://games.softpedia.com/dyn-postdownload.php/d616fce6a804776bdf3778241b06e83f/57c70391/928e/.../1?tsf=0

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_es&type=PROGRAM&Expires=1470890158&Signature=WgUlaEmeJ03snq6mNOpCIdD~0GpVjmf5vVYt7LlJ-in6vzmo~rvaPf3pxifWATedpXxJ0PIqFdKkhbWzlcRdrbD8c1Mbv3GK9MbBW984J0tFtLPQs05QLNL-P6OOliXac7mzWP8MZK-ulkiF5d~H-F6-Z0wHR5xwfvekn6fgNx0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://download2us.softpedia.com/dl/19812f845ae84f7e8ae247a217001da4/573e1696/200037518/games/.../strongholddemo.exe

http://files.pobierz.pl/files/.../StrongholdDemo(Pobierz.pl).exe

http://download2us.softpedia.com/dl/8837a639fc7a33b90489c1194b68e188/5765aa2a/200037518/games/.../strongholddemo.exe

http://download2us.softpedia.com/dl/add79190e2570289a5fcdca611f9b651/572020f5/200037518/games/.../strongholddemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_es&type=PROGRAM&Expires=1453635665&Signature=hHDn8uDbZIYn~1lG8N7MaLwXljHsbsyFvxq7cxXXyXBcmSMHnDIclwkpuwZQh~YpJ00ED1oFg9cal0tC6kk3tmkowDTDXy3dSgpndchSJBumqUgRlXSOBDK2WZ-Gy9xXpXoP4QaksmTEfnAV80~NMqjve1gl9i5YfRF7FHyw2c8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://download.fileplanet.com/ftp1/gamedemos/.../StrongholdDemo1.3.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_es&type=PROGRAM&Expires=1457084015&Signature=f3mJBjp1UvJVOkeGOzsuMDKZzRf460pt9HryNi8dxaLK5HVyUXdr4ibNzmtxOt0eBOlkDGK3rZdnfquo98k7N9-owdUbcmaLR4fEra320O5Tt4xnSFwUpkxGIwbKOZKTNFpClXA3oUtRdo~D2TDhAXd~119hfGwPJgUzJcTVZiw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_fr&type=PROGRAM&Expires=1456202658&Signature=VigWwGYJF24VEpWGNoTeTlitKR7FwDhOWwcBzpU8ExSZ-jfML9AnyAtA~zAVLEjRyyfCKWD~ttwQBqY6M5sk2Fj4Glj9-Hztq7HmiCTQRuC1DLD10gVm0xSM2wTQXu5Si2QiECkvc6UYmJDn9AGvduWE4fJQXmx6Rk-ORoRtci8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_fr&type=PROGRAM&Expires=1454286010&Signature=W0wYvmB4F~WSvGoZDCu2PMv0aEy4pXmwWoatsCnuyVEilLX9RM59Pl9f5mufkS1ael77553Nab2meqOY1u0JdEUIsUjC8rVyktjJxx~Sgk1YqAFkYbn9GL189cq1-E1ZTslB~u1PS6g2ZCqvk46x8Ra3g6bN3f4UFESEUt5lrKM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_de&type=PROGRAM&Expires=1452170309&Signature=Snx3vJtE-cO4S-6u4wHIQUSXYOYEY6FuHD0aSbg1~g7sjQHHV5Uab8lxxAuol9e7P68l8Z2wsmwX8IbGPF~T8wR-F1lTlb3MiMt3Ok4nrTugwvxB1z3bi2IV196ot1gjUZlS--JKlTisyUes10~b6s19Phb~FzmMBlKHmjZs~AM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

http://gsf-cf.softonic.com/f23/e6e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16844&instance=softonic_de&type=PROGRAM&Expires=1452321477&Signature=AGrxc0DX2cXfdExQ4A~9VGXvJDS2pb0S~5csFiuLLCiYSCazJdtcd0cQ9vkWwhcsuUCH1JZjjtCxRHi2UU8T5HE-Of-Yb39XiA-JwxyPU21u5UmQ4FhYC-zCjGKZN80uYgkD8PQiwSOEaKNCPVWFwpddXW~2lhxNYTxCJchJhfc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=StrongholdDemo.exe

Scan 364048_setup.dat - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.