» age-of-empires-ii-gold-edition.exe
Overview
Analysis
File Details
Downloads (6)

age-of-empires-ii-gold-edition.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.downloadpresentcity.com and multiple other hosts.

File name:

MD5:

c3dc0d4d1edc5884721d4aa0d1a6f355

SHA-1:

190906b53703eb701788799a395ccb2d43c8523e

SHA-256:

bb8d3ddb8072375de60f50cf3677635d07b386090d751cd263d61c3641100542

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/27/2024 7:52:33 AM UTC (today)

Scan engine

Detection

Engine version

NANO AntiVirus

Trojan.Win32.Obfuscate.crokuk

0.28.0.60253

File size:

46.8 MB (49,045,760 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\age-of-empires-ii-gold-edition.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

786432:iFMTrmjOgKeJNENsL86rv/3wBtkFuKRQrt40A0RQVCnPCa6:iSTrmCJeYs8qaW7W3nRQViCv

Entry point:

52, 61, 72, 21, 1A, 07, 00, CF, 90, 73, 00, 00, 0D, 00, 00, 00, 00, 00, 00, 00, F5, CD, 74, C0, 90, 31, 00, B4, 60, EC, 02, 08, F5, EC, 02, 02, 81, B4, B9, F6, 3A, 53, 05, 43, 1D, 33, 0C, 00, 20, 00, 00, 00, 41, 6F, 45, 32, 64, 65, 6D, 6F, 2E, 65, 78, 65, 00, F0, C6, 42, 1B, 18, 25, D5, 54, CC, 8C, D1, 5D, D8, 22, 57, A5, B6, 80, 4C, 48, 22, 60, C9, 14, 91, CB, 14, B5, DA, 39, 2B, 91, B2, C0, 1B, 64, 43, 18, 0E, 5A, E1, 12, 4D, B4, 8B, 46, 30, B9, 4A, EA, C5, 8E, DA, 76, 1C, 52, 19, E5, 72, 56, E2, 6E, D6... 
[+]

Entropy:

7.9999 (probably packed)

The file age-of-empires-ii-gold-edition.exe has been seen being distributed by the following 6 URLs.

http://www.downloadpresentcity.com/HI_3lm1hpdkzYO9byHxfTr4vf9axE5RHwdlcIpfxx0ODjqCSycaefKbnSvnTb0SMmbI9VjC1XqXhCHI_vojW4DvHIYWNUPCPPLNlXrNLNvOb_f3VobjeUyQUtGYo2s2dsn4yHXHJo4wgpYYUQTb2JzHoV6ExnL9Q8F4owRN4ToOvpvXI9cmAMj9T4yRnrzlwGsBh5VGbOzC3DItP1rkBqEkwkeQOuA==-Gz0DAGRCLxyHKmAd8uMlBxgmcsDeFkPMJ7H3xoEna4z8LAJzS48x74szOfod79WChVc61UFCHKZsdqJQNBlTpVeCDDMUe1m uC6ORiAj0zctlM3l5zTcfCwd4fFlquZGgY6um PmBCQCv8LbxK4NZGhhz6fNdwFGA0vl1HnUG6UBARaSg50eJAW4 PSxZ25F3S_IPfQa4KAravr5RaaHRYw7JCEP3ma3OdFqKz1f5ngJ2llpOq60bTdtFX1_cWsk60WdzM5UspvhvFw0fD9gE7G8okRRhYTPkWc_hfouRE2GVFCqyVu4JDMSyQYnEeIhRTsdMWMZiKgvbbCCL7rst1ovWVKx4yHwXB7rcjnRSBSWV5PpajwIKtKaVaDSE9ooTVmlnIkjrTBDABrJ8BeV4P2Ja7PBnMaeOdyvapjK44_ixu36OcTDobJIuL2XVUPlteMxj1vF02ZMRWP7ihpM4N_HFMOB51KPVfI JxFKkG ADKdtkErM0N82BTHeTb 4CcsAoWXUH6qZ9t2pC4nZqRADe4NhcI fN 3cnEHjFo4XeD1Hb5hDC_j6cGwspweIDEfRP14ThBR_fjmmjA7Ll9Em48TTYBZS3Dc6Nx4JnBjDguZwr4Amz_G1VazFBIp9A ejenk8OSk3VYatBsbeuQztrk8PwrIJQ3f0YP9sThMU3ljjzK1nVJrsKWo10RhjEK5r4u0BZPTR57PVK6CfZV6XverOPAG4_vz5

http://www.ranchmetabits.com/llHGaVaa2pVNM1ORq5pGFYZol2h4XNCEwDY RpDLwaSHd96PAKLnKXOcgk4QIM5cs1jBOYQ2HyxWjndUMPqcFONSLsN47_oiLtfLClZbtUrgMFh6LHT Ab9ujsBvlnjOWbGXlM7mDr9g__aFlLw8WGdAFc2UmDL1uSaVxGa54Cy4JDgTGXLgBxaiHCmfj6oum RnzgCt-GxkDAGSoXdDzsYemfE5chKnTBhgmcsDeFkPMJ7H3xoEna4z8LAJzibc bbM92toV77Fae8dTF7XUzZ1hZXlm7PWCYcjH38aaKdIpkDvhak2O7LyXQOz40o5_jRcy_k1rXOV5EvWY7GIxL4mZNKM42KH2CiYo2wjoAh_592E7hltJKqJfxAF1Ob2tQSqp7zhKNqMp93fbz9pbd2yucH0F0H1H6zugU8faNV0t9gpLFLhE_PDYpBgO0YsqL76jJP1FRIG7 Gk9CRaevF4eu 8FogD_Pd_2Hb2dy9otuXzhr5qQc0fQMk7rk1kjvg0o2b_PG oZ09d13AmKi3DwDu4hLSgriN8gxd 0oevHKZ2xJ Y7gR VmLMNKmqCnaDmuLBXkBJW2dZyDStpsXNI958gw3j IMCUmUCf0cmjtfc ZcOzf7TxTUAPsasZAZ07f1H1dWNNh1jwk98cELb1QkVp QSbPz5vHj0SClhk6uxJzNfUdzHSzANKMOFB72vlXS2os5qeduZ hFxeTGo84iOy RIlUfc393oLlXiwoxbj7t_B8xoQEbGs5iNERyymDwF0paXoyQbvF9izy7BzY6k_mvtAKYSxg73VVGwFt6IUKVSMy4aUe64Zt7G1oevGNVnnpyJK7YL7eHYI_Psh0q0u00ZDUayd YzolTOTdonYmKu wr9BxRO2MJjrbRJnit5CJJAULSV KTs4TEz7Rxm4LGs6S6qdWalwy_BQgDl_AP6plOcg5IW1IKqFHiwT_216Z4

http://www.vaultsfarmhosting.com/c?x=mBG//QIHU79C8vbg4JFWgkdL6YyFU39uNB25izhBwiM=&c=l5UHtvOX GbY2T1kbems7LyQaVzF7Hz6W4K3sKdKG8TK01WZdCOKMwBGQZC7dqX5wkViAmlcSS8bWYXQQ8DVj5ehd6J4UG1F muTusXGYnkTBvgJ2Z0p6RKLkd7vS nTSPhmYOtKh5cQQz4aQvi/qQ==&e=0&downloadAs=age-of-empires-ii-gold-edition.exe&fallback_url=http://pf.benjaminstrahs.com/s/1468150706/fr/3/.../39466-671670-age-of-empires-ii-gold-edition.rar

http://www.packagebestupdate.com/WVl6OTRQV0pVUlhSSGVtZFNVbWRoYzBSSVJrMW1NMWRET1dFM1ZrWkRNblJoVDBOdGJrNVhOMFpxV2pGS0pUSkdPQ1V6UkNaalBUUnFOMFJoWjJWRGFqQXpXWEZLT1hsRWFFcEZWME5wZUhwbU5FeFlRV0pHVjFBbE1rWmpkV0ZvSlRKR1FsUXlRMkpoTURrd1Ftd3dSRXRXZVhCdVRWazBhRlJxTlhaSFYyTnBWVWxTSlRKR1lucERiRWxEWlZoTWJqSjBWV2hpY1dwb1lVSktKVEpDVkRSUFZURk5TRFlsTWtZNVowcGtKVEpDZFZKU09VNUhPWGR1Um05cGN5VXlSa1pMSlRKR05rOXVhMFpETVdGQ2FISldPV3BTVHpZMWRFOUVNV2NsTTBRbE0wUW1aVDB3Sm1SdmQyNXNiMkZrUVhNOVlXZGxMVzltTFdWdGNHbHlaWE10YVdrdFoyOXNaQzFsWkdsMGFXOXVMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um5CbUxuUnZaMmRzWlM1amIyMGxNa1p6SlRKR01UUTJOVFEzTWprd01TVXlSbVZ1SlRKR015VXlSamtsTWtZek9UUTJOaTAyTnpFMk56QXRZV2RsTFc5bUxXVnRjR2x5WlhNdGFXa3RaMjlzWkMxbFpHbDBhVzl1TG5KaGNnPT0=

http://b.position-title.xyz/hp/?q=WGLnk/ui/fckikg012B0g5FPLUoBW8ca1PVkOwSvTsFtJo/S5rP6FlBzQtJaL2RK9ZwiIx5IhBF5E0x4OBT/TehNeZUEEOUwEyHe5b G U3 KaHYGzYk2Jxz/688gGBKWgcbJMND7Pq0EgUtGqChU4fEVHJj ix5nB yjcdi8 jEbIrp2hc2EwQWIRmCOoraHlzzuVXl4zFPS8E4j16cUhShUQOffl8FxEIAgf117BT4fcgmSfg24zB 12xiUbCWnwg yLVmW7l s6a3uA4wqq3uW/eAyMnyrOgB68rpNO32v5eqbN1eC4VLpFDn54xuUl9U 4nrQE5MAQ/l4RO/kLVK0S4ZBs7K0z4N2LZsKh35ESyvD5NFV0d0gFduai4MnHNgifuEYocyIlEV/pejROqMT3ySN0qPfBdhet 4dFZaY8Tv/0StJgWn4O/qjTNnpLz2diH0WqPf 6xbKr8FuQ3VFflUw1MMyLJV2LbIvlRdeLuY3NMKwAaPRuAjX7vmma4XPTTw TOEanDzx5hDcsiVzOKUc 88/yIoRb8wENSI895L94v3Y5DxxKIHSO9kLWMfLxG2OWsMb1oJM6NpQKriwTKdul35Q1UrWUn1hObCZ1hCRIYHug2YZJGOXT23cjA74MVq3C2tpyfygeEdTP4N3lAHwJui8wTFRd9pAKIz89trxFVNU5HROabqC8E7YmlwJu93Ib6QvwGuqPFkK3MUvOdl GW/QMnVwUSC7uWzyu7p/NIb8qpHQbfD7AwTv SvGFiYV5d/N7PVTyIFfHNvWYKqJfgsVY3wyuQYDYiSuSfb4TFQBz/f1b0x/.../yx1KXcaDubbm6kVTzBnZ3blhN6MLROv1X3uSMI6FJkio5H80GJyL7ofty 5mmn6qaXE T4LzRibDqydmMdOO5wTfLUebcP6eQqMb0FQwSUo6u3GS5zehWmByZA

http://www.updatetagdownloads.com/c?x=X8C3aPoK444MB9V 3pRcXyV74JOFd8jaMVsuGbwO5KI=&c=4dDji/HQByqjnMohhWzgLWmvhhpw4HHU7aNBc7l om5ChLI zz2Z5gWFOQOqNrdUyyBp7FhxdP8wikRUwjvdn2QlUQiA2dm8Yg5l3WE U2TG4qqQ96C09c37weZPmySjvB45JVzlRNzrNuFNN2ucoQ==&e=0&downloadAs=age-of-empires-ii-gold-edition.exe&fallback_url=http://pf.benjaminstrahs.com/s/1465027325/fr/3/.../39466-671670-age-of-empires-ii-gold-edition.rar

Scan age-of-empires-ii-gold-edition.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.