dbrelated.exe

Tibia Player

CipSoft GmbH

This is a setup program used to install the application. The file has been seen downloaded from www36.zippyshare.com and multiple other hosts.
Publisher:
CipSoft GmbH

Product:
Tibia Player

Version:
8.60

MD5:
2aff92bfe058c560ce0c8ea8eaa47eca

SHA-1:
341bee04f188d8729c4374f9029f4a733b34a4cb

SHA-256:
5c84f9b9a9b2307157f634ea9f11fa561b9de1853f8c573d5fc972f44ca08b84

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 4:22:41 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Bkav FE | W32.HfsAutoB | 1.3.0.7383 |
| Dr.Web | Trojan.Inject1.63523 | 9.0.1.0346 |
| IKARUS anti.virus | Trojan.Inject2 | t3scan.1.9.5.0 |
| Qihoo 360 Security | HEUR/QVM18.1.Malware.Gen | 1.0.0.1077 |

File size:
21 MB (21,987,053 bytes)

Product version:
8.60

Copyright:
Copyright (C) CipSoft GmbH 2002-2010

Trademarks:
Tibia is a registered Trademark of CipSoft GmbH.

Original file name:
Tibia.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dbrelated.exe

File PE Metadata
Compilation timestamp:
6/29/2010 11:08:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:3DiBbVe0hAEoggg6IrvkBmHuhwZW9LI7bhNOMkP5EQkwJRwN21KfjxYVXU:TkM0hA4gg6IrvkoHuK17LODxku2xSk

Entry address:
0x455B33

Entry point:
E8, 00, 00, 00, 00, 60, E8, 4F, 00, 00, 00, 9E, 56, 62, 69, 83, 21, 6E, 9D, 38, 38, DF, CF, 9C, 5C, 1C, 66, 37, 94, B6, 58, 8B, D0, B6, 4E, E9, 65, 18, 31, 2F, 9C, D1, AA, 7A, 92, A8, B3, 26, 84, A9, CC, 31, FD, 45, 80, 39, EE, 9E, BA, C3, 6C, E5, 27, 42, A8, B4, 91, C3, 6C, E5, 27, 42, A8, B4, 91, E9, 1A, 6D, 00, 00, E9, 2E, 6D, 00, 00, E9, 29, 6D, 00, 00, E8, 6E, FB, FF, FF, 6E, 04, 01, 00, 7F, 99, 00, 00, 5E, 41, 5C, 43, 8D, BF, D1, 26, 60, B4, 74, A6, 57, B1, 91, DF, B9, 0C, D0, AD, EE, 8D, 69, 35, 4F...
 

Packer / compiler:
MoleBox v2.0

The file dbrelated.exe has been seen being distributed by the following 4 URLs.

http://www36.zippyshare.com/d/KW2hD5nr/.../DBRelated.exe
