free ride games.exe

FreeRide Games

Exent Technologies Ltd.

The application free ride games.exe by Exent Technologies has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Exent Technologies Ltd.  (signed and verified)

Product:
FreeRide Games

Version:
1, 0, 1, 10

MD5:
8d5d59127bc04f15a2b7a2bd3d5fd6a0

SHA-1:
3b5690610bd7e9ebf3c05393fd98768e7820113a

SHA-256:
d83f94b532b2ba440007baafe4fd53e3d98f70dcea3cd9d7f45e29fbb9a26aee

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 11:50:26 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.FreeRide (L)
16.9.1.14

File size:
497.8 KB (509,736 bytes)

Product version:
1, 0, 1, 10

Copyright:
Copyright © 1996-2016 Exent Technologies Ltd. All rights reserved.

Original file name:
FreeRide Games.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\free ride games.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
8/6/2016 7:00:00 PM

Valid to:
10/2/2017 6:59:59 PM

Subject:
CN=Exent Technologies Ltd., O=Exent Technologies Ltd., L=Petah-Tikva, S=Israel, C=IL

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
1E33B85FE8ED0D1CB42E580D5A9707D0

File PE Metadata
Compilation timestamp:
8/2/2016 8:29:04 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:OmH+1JdXQzXMGAkQkeSCzP3sM/A5ba6bM17qY74oSgG/S:P+17X8AkLczj/oba6bM1777s/S

Entry address:
0x147B40

Entry point:
60, BE, 00, 50, 4D, 00, 8D, BE, 00, C0, F2, FF, 57, 89, E5, 8D, 9C, 24, 80, F1, FC, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 90, 52, 14, 00, 57, 83, C3, 04, 53, 68, 34, 2B, 07, 00, 56, 83, C3, 04, 53, 50, C7, 03, 07, 00, 04, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.9661  (probably packed)

Code size:
464 KB (475,136 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

TCP (HTTP):
Connects to a23-58-152-158.deploy.static.akamaitechnologies.com  (23.58.152.158:80)

TCP (HTTP):
Connects to abs-cn-146.200.148.202.aircel.co.in  (202.148.200.146:80)

TCP (HTTP):
Connects to a184-25-204-106.deploy.static.akamaitechnologies.com  (184.25.204.106:80)

TCP (HTTP):
Connects to host-213.158.175.105.tedata.net  (213.158.175.105:80)

TCP (HTTP):

TCP (HTTP):
Connects to a23-10-102-129.deploy.static.akamaitechnologies.com  (23.10.102.129:80)

TCP (HTTP):
Connects to static.ill.117.239.91.42/24.bsnl.in  (117.239.91.42:80)

TCP (HTTP):

TCP (HTTP):
Connects to a184-86-250-25.deploy.static.akamaitechnologies.com  (184.86.250.25:80)

TCP (HTTP):
Connects to a104-93-208-155.deploy.static.akamaitechnologies.com  (104.93.208.155:80)

TCP (HTTP):
Connects to a200-187-85-137.deploy.akamaitechnologies.com  (200.187.85.137:80)

TCP (HTTP):
Connects to a23-221-215-162.deploy.static.akamaitechnologies.com  (23.221.215.162:80)

TCP (HTTP):
Connects to a23-214-137-219.deploy.static.akamaitechnologies.com  (23.214.137.219:80)

TCP (HTTP):
Connects to a122-252.139-113.deploy.akamaitechnologies.com  (122.252.139.113:80)

TCP (HTTP):
Connects to a104-88-23-130.deploy.static.akamaitechnologies.com  (104.88.23.130:80)

TCP (HTTP):

TCP (HTTP):
Connects to a23-35-113-154.deploy.static.akamaitechnologies.com  (23.35.113.154:80)

TCP (HTTP):
Connects to a23-196-113-228.deploy.static.akamaitechnologies.com  (23.196.113.228:80)

TCP (HTTP):

Remove free ride games.exe - Powered by Reason Core Security