» fungamesetup_game.exe
Overview
Analysis
File Details
Programs (1)
Downloads (5)

fungamesetup_game.exe

FunGame

Baidu (China) Co., Ltd.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is installed with the program Baidu Browser. The file has been seen being downloaded from www.softnock.com and multiple other hosts.

File name:

Publisher:

FunGame Co., Ltd. (signed by Baidu (China) Co., Ltd.)

Product:

FunGame

Description:

FunGame's Install Program

Version:

1.0.0.81

MD5:

1619b30d39f96d48672af54484071e8e

SHA-1:

f58de6b0d9a846be65d9937529cc8419bc9c2751

SHA-256:

6b59b7a795e73058e8769ee0199480316b380d83cc231ef6cc7b8d9504bb41c3

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

12/26/2024 5:45:35 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.HfsAdware

1.3.0.6379

File size:

2.5 MB (2,600,984 bytes)

Product version:

1.0.0.81

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\windows\syswow64\fungamesetup_game.exe

Digital Signature

Signed by:

Baidu (China) Co., Ltd.

Authority:

GlobalSign nv-sa

Valid from:

2/22/2012 6:18:27 AM

Valid to:

2/22/2015 6:18:27 AM

Subject:

CN="Baidu (China) Co., Ltd.", O="Baidu (China) Co., Ltd.", L=Shanghai, S=Shanghai, C=CN

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121DF7675AAA08D1B49A83A480F14855D24

File PE Metadata

Compilation timestamp:

12/25/2013 3:01:32 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:8iJf9HSy6IaWFMOojWev4zVW5Mq45XFN6fKGeQsoKvuAO:8UNDziWW4BWz45XFN6/h8nO

Entry address:

0x31FD

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 14, C7, 44, 24, 10, D8, 92, 40, 00, 89, 6C, 24, 1C, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 71, 40, 00, 55, FF, 15, AC, 72, 40, 00, 6A, 08, A3, 58, 92, 42, 00, E8, 9F, 2E, 00, 00, A3, A4, 91, 42, 00, 55, 8D, 44, 24, 34, 68, B4, 02, 00, 00, 50, 55, 68, 58, 06, 42, 00, FF, 15, 7C, 71, 40, 00, 68, C0, 92, 40, 00, 68, A0, 81, 42, 00, E8, 0A, 2B, 00, 00, FF, 15, 38, 71, 40, 00, BB, 00, 40, 43, 00, 50, 53, E8, F8, 2A, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file fungamesetup_game.exe has been discovered within the following program.

Baidu Browser by Baidu, Inc.

25% remove it

The file fungamesetup_game.exe has been seen being distributed by the following 5 URLs.

http://www.softnock.com/.../FunGameSetup_play.exe

http://static.br.hao123.com/.../FunGameSetup_sethome.exe

http://ld.hao123img.com/resource/br/gamepage/.../FunGameSetup_gamesplay.exe

http://static.br.hao123.com/FunGameSetup_play.exe

http://static.br.hao123.com/.../FunGameSetup_fungame.exe

Scan fungamesetup_game.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.