gamemanager.exe

MyGameManager

LuckyCityGames

The file gamemanager.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer; however, the file is not signed with an Authenticode signature from a trusted source. The installer uses the InstallMonetizer platform, which will download and install adware toolbars and other potentially unwanted software offers during setup. The file has been seen being downloaded from plants-v-zombies.th.softonic.com and multiple other hosts.
Publisher:
LuckyCityGames

Product:
MyGameManager

Version:
2

MD5:
52ea4905708775da2770ca28bf60ab6f

SHA-1:
2c06cec41be9b3efe2b4b53845a4e8a016600dd1

SHA-256:
38278b29b2f6989611abbaa2c3f21adbd76869298dca0cff5d213b5a9e29800e

Scanner detections:
5 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.

Analysis date:
11/1/2024 3:27:40 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| ESET NOD32 | Win32/InstallMonetizer.AN potentially unwanted application | 7.0.302.0 |
| Kaspersky | not-a-virus:AdWare.Win32.InstallMonster | 15.0.0.562 |
| Microsoft Security Essentials | Threat.Undefined | 1.219.1294.0 |
| Reason Heuristics | PUP.InstallMonetizer.ET (M) | 16.3.10.21 |
| VIPRE Antivirus | Threat.4150696 | 50222 |

File size:
1.2 MB (1,235,639 bytes)

Product version:
2

Copyright:
GameManager

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\gamemanager.exe.wqk21fp.partial

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:8KHWk11HtGId7zpft9IIZo+xBw/b7g2XxPimkvL8mHL:4kV9zpft9/3zwTM2XxrPw

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
7.3328

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file gamemanager.exe has been seen being distributed by the following 50 URLs.

