home

battle realms 2.exe

The program is a setup application that uses the Nullsoft Scriptable Install System installer. The file has been seen being downloaded from dc501.4shared-china.com.
MD5:
2063a635b98475d968843de5f72cb788

SHA-1:
55278115ae0b02d9c74813add10d02c672c85fbe

SHA-256:
8c55e774e6a2a1964c73dd2fc2c5b609369d5c0aea7876bcf54035f7bded7118

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 1:21:14 AM UTC  (today)

File size:
3 MB (3,128,705 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Common path:
C:\users\{user}\downloads\battle realms 2.exe

File PE Metadata
Compilation timestamp:
12/6/2009 5:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:fgXdZ79P6D3XJUaB04YOY4REc00eVPJE8kU/pz/BO0o7Z:fe14aau4XZEDPJN/1B27Z

Entry address:
0x30FA

Entry point:
F2, C6, C3, BB, 0F, B6, EB, 68, 44, 0E, C1, 00, 68, 7A, 2A, 24, 00, 0F, AF, F5, FF, C5, 47, 69, C9, 67, F3, 6A, 67, 0F, AF, C8, 85, CF, 72, 06, F6, C2, 39, 0F, BF, F5, FF, C0, 0F, AF, C7, 87, C0, F3, C7, C2, 8F, 5B, 1D, 81, 53, 3C, F9, 5D, C7, C0, 9C, F0, 83, 60, C7, C2, 02, 86, 66, 6C, 84, C6, F6, C0, CC, 8B, F5, 87, C1, 87, C3, F3, 0F, B7, D6, C6, C4, 6D, C7, C3, C8, A4, 19, EC, 03, FE, F2, C6, C3, 50, FF, CB, F2, 57, 68, 46, 89, D6, 00, F2, FF, CA, 8B, C5, 25, 2D, 4C, 22, 5E, FE, C2, 0B, CE, E8, 7C, 00...
 
[+]

Entropy:
0.5680

Code size:
23.5 KB (24,064 bytes)

The file battle realms 2.exe has been seen being distributed by the following URL.

http://dc501.4shared-china.com/download/.../Battle_Realms_2.exe

Scan battle realms 2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.