gamemanager.exe

MyGameManager

LuckyCityGames

The executable gamemanager.exe has been detected as malware by 9 anti-virus scanners. The program is a setup application that uses the Nullsoft Scriptable Install System installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from plants-v-zombies.ro.softonic.com.
Publisher:
LuckyCityGames

Product:
MyGameManager

Version:
2

MD5:
a0f6fc54fce68cbbe2e793eb6d0329d2

SHA-1:
a700f9431df89be4abc5bf6de917ec7baff9bdde

SHA-256:
31a5cda20cd85cb778fe3a251636cd88934f3f68dadf73f06ded3bf0dd4a65ee

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
12/28/2024 1:28:05 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Kukacka | 160327-1 |
| AVG | Win32/Sality | 2015.0.4545 |
| Emsisoft Anti-Malware | Win32.Sality | 11.5.0.6191 |
| ESET NOD32 | Win32/Sality.NBA virus | 8.0.319.0 |
| F-Prot | W32/Sality.gen2 | 4.6.5.141 |
| Kaspersky | Virus.Win32.Sality | 15.0.0.562 |
| McAfee | Trojan.Artemis!52EA49057087 | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.217.1014.0 |
| VIPRE Antivirus | Threat.4721115 | 48434 |

File size:
1.2 MB (1,309,367 bytes)

Product version:
2

Copyright:
GameManager

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\gamemanager.exe

File PE Metadata
Compilation timestamp:
12/5/2009 2:50:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:1t3HWk11HtGId7zpft9IIZo+xBw/b7g2XxPimkvL8mHL:TGkV9zpft9/3zwTM2XxrPw

Entry address:
0x30CB

Entry point:
60, 03, F6, FE, C6, 0C, 35, 8D, 3D, CD, 99, B6, 78, 88, CE, 8B, C3, 69, C6, 59, BA, E9, C7, EB, 0C, 0F, B6, C7, 0F, B6, FD, C7, C5, FD, DC, FA, D6, FE, CB, 81, F9, 8E, 03, 00, 00, 23, F9, F2, 69, F1, 37, 7E, E2, 30, 55, 29, CF, C6, C5, 11, F6, C5, BB, 2B, FF, 81, FA, A7, E3, 00, 00, 77, 09, 69, F3, 60, DC, E6, BF, 0F, B6, C0, 8B, C6, 0F, AF, D9, 0F, BE, F4, 11, E8, 8D, 35, 1C, 13, CA, E8, 13, ED, EB, 09, 45, 8A, E8, 8D, 2D, 3B, E1, 29, C3, FE, C8, 0F, BF, C1, 89, C6, BB, EA, FC, 0C, 00, C7, C6, 2A, 65, 22...
Entropy:
7.3890

Code size:
22.5 KB (23,040 bytes)

The file gamemanager.exe has been seen being distributed by the following URL.
