home

Far Cry Primal InstallShield.exe

Far Cry Primal InstallShield

This is a self-extracting archive and installer. The file has been seen being downloaded from dl.dropboxusercontent.com and multiple other hosts.
Product:
Far Cry Primal InstallShield

Version:
1.0.1.0

MD5:
e1a88acccad912f62a9646a102783ebd

SHA-1:
8a156d95f4194eebef5861a19f884e7b84d3bfa5

SHA-256:
e5117cbb7bf4913a2b522ae9a9cc7526c7bacb44dafea9ab5448dc2b16b65211

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/15/2024 1:46:36 PM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1120

Rising Antivirus
PE:Malware.RDM.36!5.2A [F]
23.00.65.16228

File size:
6.7 MB (7,014,400 bytes)

Product version:
1.0.1.0

Original file name:
Far Cry Primal InstallShield.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\far cry primal installshield.exe

File PE Metadata
Compilation timestamp:
2/24/2016 6:39:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
196608:1wTG2LriLrlil4iR8nDklQwQ+kuxdxSGJRmdQI:1wT1FR8naZSG6dQ

Entry address:
0x6242EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
6.1 MB (6,431,744 bytes)

The file Far Cry Primal InstallShield.exe has been seen being distributed by the following 4 URLs.

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

http://farcryprimal-pc.pl/FarCryPrimal

Scan Far Cry Primal InstallShield.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.