game37679-3828-torrent.exe

SysTracer v2.10

APEP

The application game37679-3828-torrent.exe by APEP has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from downloader.disk.yandex.ru.
Publisher:
Blue Project Software  (signed by APEP)

Product:
SysTracer v2.10

Version:
2.10.0.109

MD5:
acfd7c59e629413fd8b400c8fbd17f21

SHA-1:
98b14bb12afe326fd8e75d276b48c0389f9e98f8

SHA-256:
480ad334e05b0da3d7592a1278c3c2fc6bf445bffe1ea913642e75af12ed2556

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 2:13:23 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.FileTour (M)

Engine version:
17.3.4.16

File size:
2.7 MB (2,783,152 bytes)

Product version:
2.10.0.109

Copyright:
Copyright (C) 2007-2016

Original file name:
SysTracer.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\game37679-3828-torrent.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
6/10/2016 3:00:00 AM

Valid to:
6/11/2017 2:59:59 AM

Subject:
CN=APEP, O=APEP, STREET="Bajkalskaja, 216 A/5", L=Irkutsk, S=RU, PostalCode=664075, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
77C5C9138FCDB38AC8A8BF46C3C991C2

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x77C007

Entry point:
51, 33, C0, 83, C0, 02, 48, 8B, 80, 5D, F1, B6, 00, 0F, B6, 00, 83, E8, 08, 50, 2C, B0, 0B, C0, 50, EB, 0E, CD, 0B, 90, 90, 9A, A0, 90, 90, A0, 90, 90, 90, 90, 90, 59, E9, AA, 04, 00, 00, 15, C3, E9, BA, 02, 00, 00, BC, E3, E9, 9B, 0D, 00, 00, 7E, B9, 1D, 92, 30, 00, E9, A3, 0A, 00, 00, 2A, 89, 11, E9, CB, 03, 00, 00, 56, 39, 13, B8, CE, F0, 3F, 00, E9, E0, 06, 00, 00, AF, 63, FE, B8, 4C, 13, 16, 00, E9, 72, 07, 00, 00, 76, DD, 05, FC, 59, D1, 00, EB, 02, 88, 45, 68, 82, 49, ED, 7A, EB, 0E, 81, 44, 24, 04...
 

Code size:
2.5 MB (2,636,288 bytes)

The file game37679-3828-torrent.exe has been seen being distributed by the following URL.

https://downloader.disk.yandex.ru/disk/7a86bcc79ea1d3ebd085f9624ea0952f70d54a52e301046a59a319283e91fb9f/579371ee/.../x-msdownload&fsize=2783152&hid=207aa85606d5d54e69a8dfd68253ad92&media_type=executable&tknv=v2&etag=acfd7c59e629413fd8b400c8fbd17f21
