beamng_drive.exe

Sunide

Morava Group

The application beamng_drive.exe, “Sunide Setup” by Morava Group, has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine, which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.filesdeliverybits.com.

Publisher:
Morava Group (signed and verified)

Product:
Sunide

Description:
Sunide Setup

MD5:
c2a305e3007eab2bd94c69fb8c815e31

SHA-1:
947631e93672601638204c5b7ae1f049f595354a

SHA-256:
958e5196909c0f6e19d137ee370ff18d2ad8e72e54b99d3c9c0ca6b32b11119b

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/24/2024 8:05:27 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.InstallCore (M)

Engine version:
17.3.5.0

File size:
1.2 MB (1,268,736 bytes)

Product version:
2.2

Copyright:
Fast Web

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\beamng_drive.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
3/7/2016 12:28:01 PM

Valid to:
3/8/2017 12:28:01 PM

Subject:
CN=Morava Group, O=Morava Group, L=Towson, C=US

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121A83F14C1C6D435814D1A4B9EC949DB5C

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 

Entropy:
7.9844

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file beamng_drive.exe has been seen being distributed by the following URL.

http://www.filesdeliverybits.com/i2EFF1rw5KFMpsy9Uy5HoxQUoqPrK0wrKyL2Jol6inYED1B4ZnRTAxIoPpKtHDGWUu4Qtvo9VT KiejijRcHk5H83K_uc4gQdboaPhxhcibRNRHCbXQYSqevNBLNJS6HpwG0x foJgbZyYwLTlVOKWlfKPeNjEku6Ctji tU yFNSSOMvzApg6J nzSMC8LVQ8QjyB3uLyOcdS85s1j8oQ03PfqpCeSO6dbMx_0X6h9GJH5u8pe4KJDEFFX3iztAWzgH5riLa5OQO4xiR R0ZdF snkydgPKeGig5AdXDMX1gPP7HHTNdZ1fBn_3gMmA99XKK3p1cugoQhehaLiGmY0budCfsRAV9IT55nbxzt1h3qMgbLaq w6Y_az20ZhaKh12KAV4PfkM4LXpgelSS4O3 Tt y4csUohjpS0ARKSyqKsWoiDboWN1V91625Pbjxaz9QOsAaqnJDQbWhGnOzbI4lWNU1tLLhp1x8l5PNJ85_ehPjxxXQgUzqZu75T466ruHWgk0wggw63Su9ojYc7gpziafA==-GzQAAERPFhNCV0xRRRM yVTgkAOH79SWBGqBQ07oOxRkucaby0SnfAhKTog9UfSGVXowHg==-e
