game_284zzi.exe

The application game_284zzi.exe has been detected as a potentially unwanted program by 2 anti-malware scanners. The file has been seen being downloaded from up.3c-automation.com.cn.
MD5:
e5ec1005c5898e197925ec53b225d5ff

SHA-1:
ae649fef17f31dafd3b3206ecca42ca83bb5d02b

SHA-256:
4fccd72c1f99f7ae089a4a84bc5f047bc0fdbc379736d5491c4f7b3963c50a51

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 3:01:49 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Dr.Web | Adware.TopTools.20 | 9.0.1.05190 |
| Reason Heuristics | Adware.Toptools.DB (M) | 16.7.17.23 |

File size:
1023.3 KB (1,047,837 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\game_284zzi.exe

File PE Metadata
Compilation timestamp:
4/1/2016 11:25:21 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:zCxYCnepRQO6mhIoOkYt2a0CZfbbokVtf:z0YCnepnDhIo1Yt2a0AfbboWtf

Entry address:
0x8074E

Entry point:
32, 4E, 53, 5A, 69, 5A, 48, 4E, 70, 5A, 32, 34, 39, 4D, 44, 56, 6C, 4E, 47, 51, 6D, 62, 57, 46, 70, 62, 6D, 56, 32, 61, 57, 78, 30, 65, 58, 42, 6C, 50, 54, 42, 34, 4E, 43, 5A, 7A, 64, 57, 4A, 6C, 64, 6D, 6C, 73, 64, 48, 6C, 77, 5A, 54, 30, 77, 65, 44, 45, 77, 4D, 44, 41, 77, 4D, 43, 5A, 6E, 63, 6D, 46, 75, 5A, 47, 56, 32, 61, 57, 78, 30, 65, 58, 42, 6C, 50, 54, 42, 34, 4F, 44, 68, 6A, 4A, 6D, 6C, 7A, 58, 33, 42, 68, 5A, 32, 55, 6D, 59, 6D, 52, 7A, 61, 57, 64, 75, 4D, 6A, 31, 69, 4E, 6D, 46, 69, 4E, 6A, 49...
 

Entropy:
5.7079

Code size:
765.5 KB (783,872 bytes)

The file game_284zzi.exe has been seen being distributed by the following URL.
