cricket_97_full_pc_game.exe

TOV

The application cricket_97_full_pc_game.exe by TOV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from s59f.storage.yandex.net.
Publisher:
TOV (signed and verified)

MD5:
0fc7a2fa6fe9a30c0f6ada21b3ea9ed0

SHA-1:
d192497de73e489e29017b6774e22bf5dd49f8d2

SHA-256:
f66c4293508dd419129ea075b21ab971f2f36b88d5eaa5748ebf07d991c02e89

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 10:49:08 PM UTC

Scan engine:
Reason Heuristics

Detection:
Adware.Bundler

Engine version:
17.2.7.8

File size:
4.2 MB (4,416,624 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\cricket_97_full_pc_game.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/7/2016 3:00:00 AM

Valid to:
6/13/2017 2:59:59 AM

Subject:
CN="TOV ""Smart Biznes Solyushns""", OU=IT, O="TOV ""Smart Biznes Solyushns""", STREET="vul. Vandy Vasylevskoi, 7", L=Kiev, S=Kiev, PostalCode=04116, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
42AEAF4866B3499E1C8844EB8D4AF718

File PE Metadata
Compilation timestamp:
12/5/2016 3:05:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x400110

Entry point:
55, 8B, EC, 6A, FF, 68, E0, 66, 80, 00, 68, DC, 0D, 80, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, A4, 40, 80, 00, 33, D2, 8A, D4, 89, 15, 5C, 73, 80, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 58, 73, 80, 00, C1, E1, 08, 03, CA, 89, 0D, 54, 73, 80, 00, C1, E8, 10, A3, 50, 73, 80, 00, 33, F6, 56, E8, 16, 0B, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, E1, 07, 00, 00, FF, 15, A0, 40, 80, 00, A3, 58, 78, 80, 00, E8...

Entropy:
5.5772

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
4 MB (4,206,592 bytes)

The file cricket_97_full_pc_game.exe has been seen being distributed by the following URL.

https://s59f.storage.yandex.net/rdisk/0e696955fdc7a9998b78b3febcb5db941eece7b782613753d4eb98734bca0b8c/58459127/aZH-Bd0z9TWGwvI_b4Pm4FGJTkIYeAEr4aO9Q316AtEv2-OJ6JzxfVR1SZsx0YtAy4XuPo8LN-AnWlaqigZvSA==?uid=0&filename=Cricket_97_Full_PC_Game.exe&disposition=attachment&hash=mGiIq4m8doZI6I0Gq3SSZLHftrfuNvtZ IMNuIrb8As=:&limit=1&content_type=application/x-msdownload&fsize=4416624&hid=3a2c5dc704fce01b41a138d1289a6f5f&media_type=executable&tknv=v2&rtoken=UoOgKU9bJzb7&force_default=no&ycrid=na-fdffdbeb7d5abe5d721205cd17e45717-downloader8h&ts=542eb821957c0&s=7f80d8d46de30615b9e45abbd5f169b16ce1fbf38b8f77fd92d43581ee5565a1&bp=/39/.../data-0.9:37743336379:4416624&pb=U2FsdGVkX186aGBVtsqGUZKPPbcKSGL5oDb9tPlMTb2Son-uUzYf6sV_vax7PjIU4qrPWqB4TCyOxBpsEVjySNl6-7tKq2OmSqarCxRE1h8=

Remove cricket_97_full_pc_game.exe - Powered by Reason Core Security