home

chickeninvaders3v3_at_c3.exe

Chicken Invaders 3 Free Trial

Demand Media Inc

The application chickeninvaders3v3_at_c3.exe, “Chicken Invaders 3 Free Trial Setup ” by Demand Media Inc has been detected as adware by 2 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. This version of the installer will bundle the Ask.com Toolbar, a potentially unwanted web browser extension. The file has been seen being downloaded from secure.bmtmicro.com and multiple other hosts.
Publisher:
LasTechnologies   (signed by Demand Media Inc)

Product:
Chicken Invaders 3 Free Trial

Description:
Chicken Invaders 3 Free Trial Setup

Version:
1.0

MD5:
c1b854217329ed4e3b3439b4881bb778

SHA-1:
50b49b9cb5fb06520c4a37a99103e7f488fb8fa5

SHA-256:
6e9c792b4a2bed6cae31336883980b11ed65bd29a86851921c3072571778ea5f

Scanner detections:
2 / 68

Status:
Adware

Explanation:
Bundles that Ask.com toolbar as a third-party offer, a web browser extension that may modify a user's search and home pages.

Analysis date:
11/15/2024 6:40:45 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant)
8.9928

Reason Heuristics
PUP.Installer.DemandMedia.Y
14.7.27.14

File size:
17.5 MB (18,376,808 bytes)

Product version:
1.0

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\chickeninvaders3v3_at_c3.exe

Digital Signature
Signed by:
Demand Media Inc

Authority:
The USERTRUST Network

Valid from:
7/6/2010 10:00:00 AM

Valid to:
7/6/2013 9:59:59 AM

Subject:
CN=Demand Media Inc, O=Demand Media Inc, STREET="1333 Second Street, Ste. 100", STREET=Santa Monica Headquarters, L=Santa Monica, S=CA, PostalCode=90401, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00B59247E636AB04099E33A2FB6D5BA8B5

File PE Metadata
Compilation timestamp:
6/20/1992 8:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:BalzzLU20gehHRv8K8thqQNdLyEUSrj1oJ26supBiI4Kfv//Xb:OzzLU20gehHRp8th5xUSr5oDsupkIFXL

Entry address:
0x9B24

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, A2, 95, FF, FF, E8, A9, A7, FF, FF, E8, D4, C9, FF, FF, E8, 1B, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, DB, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, A4, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 04, D0, FF, FF, 8B, 55, F0, B8, EC, CD, 40, 00, E8, 53, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, EC, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9999

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file chickeninvaders3v3_at_c3.exe has been seen being distributed by the following 8 URLs.

https://secure.bmtmicro.com/.../RIP.DemoDownload?PRODUCTID=11620310&AID=1151427

http://www.heavygames.com/.../download.asp

http://cdn-www.arcadetown.com/.../chickeninvaders3v3_at.exe

http://www.arcadetown.com/.../download.asp?gameid=chickeninvaders3&aid=&cid=1&ostype=win

http://www.arcadetown.com/.../download.asp?gameid=chickeninvaders3&cid=3

http://www.heavygames.com/.../download.asp?gameid=chickeninvaders3&cid=3&ostype=win

https://www.heavygames.com/.../download.asp

http://cdn-www.arcadetown.com/.../chickeninvaders3v3_at_c3.exe

Remove chickeninvaders3v3_at_c3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.