» dd_tera_installer.exe
Overview
Analysis
File Details
Behaviors (1)
Downloads (1)

dd_tera_installer.exe

TERA

Destiny Group LLC

This is a self-extracting archive and installer. This is the uninstaller utility registered in the Windows Control Panel for the program Tera by Destiny KARO. The file has been seen being downloaded from download.tera-online.ru.

File name:

Publisher:

Destiny KARO LLC (signed by Destiny Group LLC)

Product:

TERA

Description:

TERA Installer (09d49a43)

Version:

1.0.0.1

MD5:

11af90589d79c477bf736c752555e9b8

SHA-1:

fbc6f18a5856d41f25dcad525dae29f85bc107b0

SHA-256:

a1624434a5fd595b81cbd80a89d736f28b9aee3b0e7fa20eb8b894701270ccc3

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/27/2024 7:36:16 AM UTC (today)

Scan engine

Detection

Engine version

Vba32 AntiVirus

SScope.Trojan.FakeAV.01725

3.12.26.3

File size:

27.4 MB (28,694,512 bytes)

Product version:

1.0.0.1

Original file name:

installer.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\dd_tera_installer.exe

Digital Signature

Signed by:

Destiny Group LLC

Authority:

COMODO CA Limited

Valid from:

6/18/2013 3:00:00 AM

Valid to:

6/18/2016 2:59:59 AM

Subject:

CN=Destiny Group LLC, O=Destiny Group LLC, STREET="Simonovsky Val, d.26a", L=Moskow, S=Russia, PostalCode=115088, C=RU

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

2167436E9367E70C5A24C4A47C09E043

File PE Metadata

Compilation timestamp:

1/19/2015 2:00:26 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

786432:XEN5qjvSWeRAF75kNeJfK4S2XeLxrp8k+MYvoUGk8VOtiU:XE7qjBeRAl56e9K4S2uJo5GBOIU

Entry address:

0x8709D

Entry point:

E8, 15, B8, 01, 00, E9, 35, FE, FF, FF, 55, 8B, EC, FF, 15, 1C, A2, 4D, 00, 6A, 01, A3, 54, B3, 50, 00, E8, 34, B9, 01, 00, FF, 75, 08, E8, 1D, 2A, 00, 00, 83, 3D, 54, B3, 50, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 1A, B9, 01, 00, 59, 68, 09, 04, 00, C0, E8, EB, 29, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, F0, 71, 04, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 38, B1, 50, 00, 89, 0D, 34, B1, 50, 00, 89, 15, 30, B1, 50, 00, 89, 1D, 2C, B1, 50, 00, 89, 35, 28, B1, 50, 00, 89, 3D, 24... 
[+]

Code size:

867 KB (887,808 bytes)

Program Uninstaller

Program name:

Tera

Display publisher:

Destiny KARO

Uninstall string:

D:\game\Destiny\uninstall.exe

The file dd_tera_installer.exe has been seen being distributed by the following URL.

http://download.tera-online.ru/.../dd_tera_installer.exe

Scan dd_tera_installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.