9gzddsa2.exe

Fried Chicken Interactive

The file 9gzddsa2.exe by Fried Chicken Interactive has been detected as a potentially unwanted program by 4 anti-malware scanners. The file has been seen being downloaded from files4.downloadnet1004.com and multiple other hosts.
Publisher:
Fried Chicken Interactive  (signed and verified)

Product:
Fried Chicken Interactive

Version:
57.3.5.6664

MD5:
a538a835fed8f0863697e725c0104a40

SHA-1:
39f89c076e0377981c1cdc892595a9cd112c0030

SHA-256:
8bfc48a662475c6c34496984ba9c9545d6473774a07b0c1f2fc2df4233257916

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 12:24:25 AM UTC

Scan engine | Detection | Engine version
avast! | Win32:Malware-gen | 160327-1
Emsisoft Anti-Malware | Gen:Variant.Razy.12439 | 11.5.0.6191
ESET NOD32 | Win32/DownloadAdmin.Q potentially unwanted application | 8.0.319.0
F-Secure | Variant.Razy.12439 | 5.15.96

File size:
895.5 KB (917,000 bytes)

Product version:
57.3.5.6664

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\9gzddsa2.exe.part

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
3/8/2016 11:13:39 PM

Valid to:
3/8/2017 11:13:39 PM

Subject:
CN=Fried Chicken Interactive, O=Fried Chicken Interactive, L=San Francisco, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
1E418FCF3E719CC2

File PE Metadata
Compilation timestamp:
3/15/2015 10:19:29 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:a4P970ThB+1Lx35fto1O1mUp7lYU5t3GNOh91suBwwr9cPI3X68sgtqozfbCM1hC:a4P970ThB+1Lx35fto1O1mUp7lYU5tW5

Entry address:
0x50B6

Entry point:
E8, E5, 93, 00, 00, E9, 0F, 8C, 00, 00, FF, 25, 14, 92, 47, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 33, C0, 56, 8B, F1, 85, C9, 74, 17, 8D, A4, 24, 00, 00, 00, 00, 38, 02, 74, 08, 42, 83, E9, 01, 75, F6, EB, 04, 85, C9, 75, 05, B8, 57, 00, 07, 80, 85, FF, 74, 10, 85, C0, 7C, 06, 2B, F1, 89, 37, 5E, C3, C7, 07, 00, 00, 00, 00, 5E, C3, CC, CC, CC, CC, CC, 83, EC, 48, 33, C0, EB, 09, 8D, A4, 24, 00, 00, 00, 00, 8B, FF, 0F, B6, 90, 50, DB, 45, 00, 8B, 0C, 85, 38, DA, 45, 00, 88, 14, 0C, 0F, B6, 90, 51, DB...
 

Code size:
57 KB (58,368 bytes)

The file 9gzddsa2.exe has been seen being distributed by the following 3 URLs.
