firstblood_tr_2.1.0.7804_oas.exe

FirstBlood

OASIS GAMES LIMITED

This is a setup program which is used to install the application. The file has been seen being downloaded from odp.oasgames.com and multiple other hosts.
Publisher:
OASIS GAMES LIMITED  (signed and verified)

Product:
FirstBlood

Version:
2.1.0.7804

MD5:
b5b148515bd1a09c4dafcc72d0fe959f

SHA-1:
aa6000532b07f93761ccfce07b4cd710ea15bbf3

SHA-256:
61bafd505fec4ab832513dc3e42c81b2170af42408aae747de819a3b054a1726

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 5:52:49 PM UTC  (today)

File size:
1.4 MB (1,511,808 bytes)

Product version:
2.1.0.7804

Copyright:
Copyright © 2014-2015 OasgameLOriginalFilename

Original file name:
FirstBlood.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\firstblood_tr_2.1.0.7804_oas.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/7/2013 3:00:00 AM

Valid to:
8/8/2015 2:59:59 AM

Subject:
CN=OASIS GAMES LIMITED, OU=Software Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=OASIS GAMES LIMITED, L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1975D085E2C635F8471F00F0DF67AE2E

File PE Metadata
Compilation timestamp:
7/7/2015 5:28:41 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:xRPukH990anz7dTK8mioxFAshz2AxYykD9WtFa6+NZ1N6z7ES9lXi6WVCN:1H99LKio0Iz2AxYykD6EXNdiiJg

Entry address:
0x18B65

Entry point:
E8, 8F, 6D, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, 83, 66, 04, 00, C7, 06, 18, B3, 42, 00, C6, 46, 08, 00, FF, 30, E8, A8, 00, 00, 00, 8B, C6, 5E, 5D, C2, 04, 00, 55, 8B, EC, 8B, 45, 08, C7, 01, 18, B3, 42, 00, 8B, 00, 89, 41, 04, 8B, C1, C6, 41, 08, 00, 5D, C2, 08, 00, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, 83, 66, 04, 00, C7, 06, 18, B3, 42, 00, C6, 46, 08, 00, E8, 12, 00, 00, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, 18, B3, 42, 00, E9, 96, 00, 00, 00, 55, 8B, EC, 56, 57, 8B, 7D, 08...
 
[+]

Code size:
145 KB (148,480 bytes)

The file firstblood_tr_2.1.0.7804_oas.exe has been seen being distributed by the following 15 URLs.

http://odp.oasgames.com/.../?m=gbox.downLoadClient&gamecode=fbtr&src=homepage&server_sid=1&uid=200000089326850

http://odp.oasgames.com/.../?m=gbox.downLoadClient&gamecode=fbtr&src=homepage&server_sid=1&uid=200000082333961

http://odp.oasgames.com/.../?m=gbox.downLoadClient&gamecode=fbtr&src=homepage&server_sid=1&uid=1446724915635723

http://odp.oasgames.com/.../?m=gbox.downLoadClient&gamecode=fbtr&src=homepage&server_sid=1&uid=200000083637707

http://odp.oasgames.com/.../?m=gbox.downLoadClient&gamecode=fbtr&src=homepage&server_sid=1&uid=200000071418645

http://odp.oasgames.com/.../?m=gbox.downLoadClient&gamecode=fbtr&src=homepage&server_sid=1&uid=200000086911310

http://odp.oasgames.com/.../?m=gbox.downLoadClient&gamecode=fbtr&src=homepage&server_sid=1&uid=200000076747973

http://odp.oasgames.com/.../?m=gbox.downLoadClient&gamecode=fbtr&src=homepage&server_sid=1&uid=100007035726643

Scan firstblood_tr_2.1.0.7804_oas.exe - Powered by Reason Core Security