free_freecell_solitaire2015_v300_setup.exe

Free FreeCell Solitaire

TreeCardGames

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.bytesendclear.com and multiple other hosts.
Publisher:
TreeCardGames   (signed by TreeCardGames)

Product:
Free FreeCell Solitaire

Description:
Free FreeCell Solitaire Setup

Version:
3.0

MD5:
9d486629722f3745d95f53023d4418fc

SHA-1:
55b86364ecbce1b845b13758414194ce70fc7704

SHA-256:
a47e943c3ad998a7d5d5c4a3ca6261788eacbffb0d3ba995c41b814e455305b7

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/27/2024 2:36:16 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.6979

File size:
7 MB (7,371,488 bytes)

Product version:
3.0

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\free_freecell_solitaire2015_v300_setup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
8/27/2013 9:00:00 PM

Valid to:
11/26/2016 7:59:59 PM

Subject:
CN=TreeCardGames, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TreeCardGames, L=Piacenza, S=Piacenza, C=IT

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0345A71782623C56B1ACED11AF14C6C1

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:AHKwxN92PKd4tuM/3blHL8a2dAPZM30RS7SlPCvrg3:8KwxN9UH39PO0hlqvrq

Entry address:
0x9B24

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, A2, 95, FF, FF, E8, A9, A7, FF, FF, E8, D4, C9, FF, FF, E8, 1B, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, DB, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, A4, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 04, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 53, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9994

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file free_freecell_solitaire2015_v300_setup.exe has been seen being distributed by the following 11 URLs.

http://www.bytesendclear.com/YLbWu11PzBJNRmYwqHhIa84j_WvKKQ6WDyriERn8FDqH_MFz7leCDmre5hk39kdsMa8r boBI9cE0 Qf 2fqnYSH4KH6DJI2wbvxTNv1wa8nydvz7Lhrtvb19KxKJFGGE_aD3LNVA_WE2e4koBWKFOiVyM8sxdblXH3F7qOD1iIA4eUZ5EKlqa5HejiuAMAZs alcfP qKEqFS3qS4zBZoaKIj_H75Fsr_kL5s3UidARLflLVZuYZ3nzeewm_8M5O1opLsZPgeQgDzugj81yCPeaBLJZsXASvk5Xs8mfv0IcshpKblbQOsbcOlYSui_hfjWaEtYV4JvXD9ZDWK3xWWuz1y8z6S0XESby_8tTHbWiJPL7q2gNUsiJ8PBGP8QkHzMUEUETVlFj8Qs yEcm1yOPzO1leAdNemTWW1JV5zwQlMls4HXYvDa8Ghe6IB52IMihFPOjU p1xLhKCRWj 9Pe7kk9bEXlFxBYBDdF4VeFGjgv1YoDTttO7CQPl7F6zVK2LcV7zLVZu0kranILEJhkGS2PjLkyDgnl9xHfToSepXgSQgjzKMYzybBEaIfBlO18MHEFGMo0M2pvtNFuPhYwD7b3xw==-G3cAAGR0W0z8JSDWYP0u4E45YK8lQZhJbie859BxK0WO7aNvzEZp7F5BTpXwaBxPqn4gezjWb97SX7_HEbiSygyJAg5VCGwrvN TN cgxzDFiHCjUnRouMQDHeK8MhCvAA==

http://www.bytesendclear.com/GKW hGYF4rknM_q65P0cVOY6ux4ZzoEc6aDOenlEizTkt2pqSYDdx1c2YBk7TpBW1a_rH9T5wrNn1R98olphBZNHSuz6zzHdVGsrl726yyo 8MMumoTWmSEaePCLMS0lZZuJiC9dgLL8f79ANAqWcQfBeF3l2BgHRnlPE9fM9wNKwtSz jQeGUEyUGuonUKnaw2kNkDgEEAi8zIMMSL4KdlRErQZ5PJQqKml8bDSS8cS7iGsSYrNAbFf4Q Uyr4bjaL8F6JpJAFYZPKCF0AfckgYIf2ZRZBi3jeVHiWVSpflwPxfnuAFqzy0Wl5mL7uah1bWxdVImy9UJ1kxTodaC5M_vypJqC7iUTHzCBBp8JuQpEW9lTp0b0d8VeSdZoKm_wVMSoe6LPkuV73LduCULa0ejLn4drxUCXIpVZ6HCsu2mNpvhaQ1VRljdU_LpKlIZYReFdlpR TOASBkg6HeRSiJANFp8w5TC9eV2MXUr36YUw 5rgAw8JY5xxLvtaU2qfOgAxFJV8FlAVCipAkoDBgdaWnUlpYfAWWY_gUDHQwYVlazOddwJSkYHMdl13Zua205FslwAgKmQVeMAyxZx9g2LUEY7Hfzcg9e55qvRIDjXq12rfo=-G3cAAGR0W0z8JSDWYP0u4E45YK8lQZhJbie859BxK0WO7aNvzEZp7F5BTpXwaBxPqn4gezjWb97SX7_HEbiSygyJAg5VCGwrvN TN cgxzDFiHCjUnRouMQDHeK8MhCvAA==-E

http://www.bytesendclear.com/X5v8thZ EEtDfCFoqnEOn3HM8B990kEoohCPfvu1WbBWg8Qh 8Gk_Wv9xdJ0ULYn4JCV_IUvlJm7EGQ72SQWTeSAKjarGW6_lKeRYqjfCOGLhE1oolOQq 8B5T D8Pc9s_SlXPSCXiytMOwggo_EHjRDEz9PuqS_HPTXsxCyTR2YU54s1SPUlvb_zViG4DvVMwfAvChW7R8btB_lNhiIXTPQ9Q5 B PumoD vL oLFJNo13JHNktwK_SO_ITTAKOkEgqtjdj YlLVz 3pW7M7VMLxDjzIznpvJgimWfVs82LGjcNhXi0MxhCAXOdwDzmajIwpyO2hjDS4iOCWXBHcgXmKyXoue8 O7UsZha0sfGIOoyhtOS5_eCWZSueVnFJFG2DynJiQ5PEzqU08ZfIhYD8S31xQVI8i8tgqYR_r0A_Q_6YnzSPwAECK_FTY3oz3zeS9Ub_PZwWsEjQH9SBVwQfEHVWtSuQWtpNGFYuL8THDzdi3dbgVySs8YdkgEKSEgdk3bWctvzaHP5vHhu0Z9xNuIAUBlxu78NCytGueO1CeCfFaMOJHk0uWFk05mKraNFvKBL UJ6VSRadRCm0fvzDMa8FzUYIyU0dZTwwp5e_yy6yCBY=-G3cAAGR0W0z8JSDWYP0u4E45YK8lQZhJbie859BxK0WO7aNvzEZp7F5BTpXwaBxPqn4gezjWb97SX7_HEbiSygyJAg5VCGwrvN TN cgxzDFiHCjUnRouMQDHeK8MhCvAA==-E

&onid=2647&oid=3001-2647_4-75450604&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=games/casion-card&topicbrcrm=&pid=14438235&mfgid=58524&merid=58524&ctype=dm&cval=SPIGOTWIN&devicetype=desktop&pguid=55855cc0c6aa0b4a86a2b69f&viewguid=aKO8Ytz5EpJUENmz95FO8KHPb1cB8FzT9WKl&destUrl=http://files.downloadnow.com/s/software/14/43/82/.../free_freecell_solitaire2015_v300_setup.exe

&onid=2647&oid=3001-2647_4-75450604&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=games/casion-card&topicbrcrm=&pid=14438235&mfgid=58524&merid=58524&ctype=dm&cval=SPIGOTWIN&devicetype=desktop&pguid=ba34a54f18c9af641880dad7&viewguid=aBtpA8QN5r0bJz2BTs3pY5juoLubMhE@TSlv&destUrl=http://files.downloadnow.com/s/software/14/43/82/.../free_freecell_solitaire2015_v300_setup.exe

Scan free_freecell_solitaire2015_v300_setup.exe - Powered by Reason Core Security