» dd_tera_installer.exe
Overview
Analysis
File Details
Behaviors (1)
Downloads (3)

dd_tera_installer.exe

TERA

Destiny Group LLC

This is a self-extracting archive and installer. This is the uninstaller utility registered in the Windows Control Panel for the program Tera by Destiny KARO. The file has been seen being downloaded from download.tera-online.ru and multiple other hosts.

File name:

Publisher:

Destiny KARO LLC (signed by Destiny Group LLC)

Product:

TERA

Description:

TERA Installer (09d49a43)

Version:

1.0.0.1

MD5:

e33fd673a9a041dfb906f617becb2280

SHA-1:

7e702c125927216f93849cabeb7f61dca16ab485

SHA-256:

285d06d10f0ec502c309fe5b867b3edaa8d20cba1f8f3b0c3ccde75722d624f5

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/27/2024 7:31:34 AM UTC (today)

Scan engine

Detection

Engine version

Vba32 AntiVirus

SScope.Trojan.FakeAV.01725

3.12.26.3

File size:

27.4 MB (28,696,368 bytes)

Product version:

1.0.0.1

Original file name:

installer.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\dd_tera_installer.exe

Digital Signature

Signed by:

Destiny Group LLC

Authority:

COMODO CA Limited

Valid from:

6/18/2013 3:00:00 AM

Valid to:

6/18/2016 2:59:59 AM

Subject:

CN=Destiny Group LLC, O=Destiny Group LLC, STREET="Simonovsky Val, d.26a", L=Moskow, S=Russia, PostalCode=115088, C=RU

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

2167436E9367E70C5A24C4A47C09E043

File PE Metadata

Compilation timestamp:

1/19/2015 2:00:26 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

786432:xyywxJvIXVlayRGFO1QKWdzvthtLU3cQEjInakMZgh:xyyGJWBRz1QKWd7BLU3X7MZgh

Entry address:

0x8709D

Entry point:

E8, 15, B8, 01, 00, E9, 35, FE, FF, FF, 55, 8B, EC, FF, 15, 1C, A2, 4D, 00, 6A, 01, A3, 54, B3, 50, 00, E8, 34, B9, 01, 00, FF, 75, 08, E8, 1D, 2A, 00, 00, 83, 3D, 54, B3, 50, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 1A, B9, 01, 00, 59, 68, 09, 04, 00, C0, E8, EB, 29, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, F0, 71, 04, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 38, B1, 50, 00, 89, 0D, 34, B1, 50, 00, 89, 15, 30, B1, 50, 00, 89, 1D, 2C, B1, 50, 00, 89, 35, 28, B1, 50, 00, 89, 3D, 24... 
[+]

Code size:

867 KB (887,808 bytes)

Program Uninstaller

Program name:

Tera

Display publisher:

Destiny KARO

Uninstall string:

F:\game\tera\Destiny\uninstall.exe

The file dd_tera_installer.exe has been seen being distributed by the following 3 URLs.

https://download.tera-online.ru/.../dd_tera_installer.exe

http://download.tera-online.ru/.../dd_tera_installer.exe

http://download.tera-online.ru/.../dd_tera_installer_1.0e.exe

Scan dd_tera_installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.