» gamemanager.exe
Overview
Analysis
File Details
Downloads (1)

gamemanager.exe

MyGameManager

LuckyCityGames

The executable gamemanager.exe has been detected as malware by 9 anti-virus scanners. The program is a setup application that uses the Nullsoft Scriptable Install System installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from plants-v-zombies.ro.softonic.com.

File name:

gamemanager.exe

Publisher:

LuckyCityGames

Product:

MyGameManager

Version:

MD5:

a0f6fc54fce68cbbe2e793eb6d0329d2

SHA-1:

a700f9431df89be4abc5bf6de917ec7baff9bdde

SHA-256:

31a5cda20cd85cb778fe3a251636cd88934f3f68dadf73f06ded3bf0dd4a65ee

Scanner detections:

9 / 68

Status:

Malware

Analysis date:

11/1/2024 7:31:29 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Kukacka

160327-1

AVG

Win32/Sality

2015.0.4545

Emsisoft Anti-Malware

Win32.Sality

11.5.0.6191

ESET NOD32

Win32/Sality.NBA virus

8.0.319.0

F-Prot

W32/Sality.gen2

4.6.5.141

Kaspersky

Virus.Win32.Sality

15.0.0.562

McAfee

Trojan.Artemis!52EA49057087

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.217.1014.0

VIPRE Antivirus

Threat.4721115

48434

File size:

1.2 MB (1,309,367 bytes)

Product version:

GameManager

File type:

Executable application (Win32 EXE)

Installer:

Nullsoft Scriptable Install System

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\gamemanager.exe

File PE Metadata

Compilation timestamp:

12/5/2009 2:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

24576:1t3HWk11HtGId7zpft9IIZo+xBw/b7g2XxPimkvL8mHL:TGkV9zpft9/3zwTM2XxrPw

Entry address:

0x30CB

Entry point:

60, 03, F6, FE, C6, 0C, 35, 8D, 3D, CD, 99, B6, 78, 88, CE, 8B, C3, 69, C6, 59, BA, E9, C7, EB, 0C, 0F, B6, C7, 0F, B6, FD, C7, C5, FD, DC, FA, D6, FE, CB, 81, F9, 8E, 03, 00, 00, 23, F9, F2, 69, F1, 37, 7E, E2, 30, 55, 29, CF, C6, C5, 11, F6, C5, BB, 2B, FF, 81, FA, A7, E3, 00, 00, 77, 09, 69, F3, 60, DC, E6, BF, 0F, B6, C0, 8B, C6, 0F, AF, D9, 0F, BE, F4, 11, E8, 8D, 35, 1C, 13, CA, E8, 13, ED, EB, 09, 45, 8A, E8, 8D, 2D, 3B, E1, 29, C3, FE, C8, 0F, BF, C1, 89, C6, BB, EA, FC, 0C, 00, C7, C6, 2A, 65, 22... 
[+]

Entropy:

7.3890

Code size:

22.5 KB (23,040 bytes)

The file gamemanager.exe has been seen being distributed by the following URL.

http://plants-v-zombies.ro.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmaeKpaKnmJY=

Remove gamemanager.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.