home

alienplay.exe.opdownload

System Q Ltd

Publisher:
System Q Ltd  (signed and verified)

Description:
alienPlay

Version:
6, 0, 0, 5

MD5:
67788b2b2433f3405daee4300b7feb5b

SHA-1:
d74b58519d7a2b64d412c65cf8b67c7fc41b3a2a

SHA-256:
eec2d7ef44bd4b6f710185fa4773230013f5823242b89215e1f46a0b0c12aed2

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
2/27/2025 3:35:47 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM18.1.Malware.Gen
1.0.0.1120

File size:
1.3 MB (1,360,352 bytes)

Product version:
6, 0, 0, 5

Copyright:
CopyRight (C) 2011

Original file name:
alienPlay.EXE

Common path:
C:\users\{user}\downloads\alienplay.exe.opdownload

Digital Signature
Signed by:
System Q Ltd

Authority:
GlobalSign nv-sa

Valid from:
3/8/2013 10:52:54 AM

Valid to:
4/7/2016 11:52:54 AM

Subject:
E=software@systemq.com, CN=System Q Ltd, OU=Software, O=System Q Ltd, L=Chesterfield, S=Derbyshire, C=GB

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11214EA3991BBD76326C522D34A8DF130DCC

File PE Metadata
Compilation timestamp:
8/3/2011 3:44:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:xIFKqu4sX2eixF1oGKZWmnqqpNnceo9Ggg0GrbkRKB+Hf+jD+MB61Iut73ANQM4U:xIFA+HxTKgMnq9IbkR4oq6E615ZAND

Entry address:
0x211000

Entry point:
9C, 60, E8, 02, 00, 00, 00, 33, C0, 8B, C4, 83, C0, 04, 93, 8B, E3, 8B, 5B, FC, 81, EB, 07, 20, 40, 00, 87, DD, 01, AD, BB, 2F, 40, 00, 01, AD, E5, 30, 40, 00, 01, AD, 5E, 30, 40, 00, 01, AD, 92, 31, 40, 00, 01, AD, 42, 31, 40, 00, 01, AD, F7, 31, 40, 00, 01, AD, 66, 32, 40, 00, 01, AD, 2F, 32, 40, 00, 01, AD, FD, 34, 40, 00, 01, AD, 52, 35, 40, 00, E8, DF, 0B, 00, 00, E8, 74, 0E, 00, 00, 85, C0, 74, 15, FF, B5, B2, 21, 40, 00, E8, E5, 14, 00, 00, 89, 85, 01, 38, 40, 00, 85, C0, 75, 0E, 8D, 85, 3B, 23, 40...
 
[+]

Packer / compiler:
PEBundle v2.0b5 - v2.3

Code size:
116 KB (118,784 bytes)

The file alienplay.exe.opdownload has been seen being distributed by the following URL.

http://www.aliendvr.com/.../alienPlay.EXE

Scan alienplay.exe.opdownload - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.