gamemanager.exe

MyGameManager

LuckyCityGames

The application gamemanager.exe has been detected as a potentially unwanted program by 10 anti-malware scanners. The program is a setup application that uses the Nullsoft Scriptable Install System installer; however, the file is not signed with an Authenticode signature from a trusted source. The installer uses the InstallMonetizer platform, which will download and install adware toolbars and other potentially unwanted software offers during setup. The file has been seen being downloaded from plants-v-zombies.vi.softonic.com.
Publisher:
LuckyCityGames

Product:
MyGameManager

Version:
2

MD5:
10b1db8f01d9534a69014e0ee4393dbc

SHA-1:
f35c12a89678044e0c887fce85dbddffea6a062b

SHA-256:
96fdc5e2fb14b127d34bfc865598e0b6e9c230f2c0e24ef6952465cb49d99f08

Scanner detections:
10 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.

Analysis date:
11/24/2024 5:49:23 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Kukacka | 160327-1 |
| AVG | Win32/Slugin.A | 2015.0.4542 |
| Dr.Web | modification of Win32.Sector.5 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Win32.Sality.Dam | 11.5.0.6191 |
| ESET NOD32 | Win32/InstallMonetizer.AN potentially unwanted application | 8.0.319.0 |
| Kaspersky | Packed.Win32.Katusha | 15.0.0.562 |
| McAfee | Virus.W32/Sality!dam | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.215.3133.0 |
| VIPRE Antivirus | Threat.4650432 | 47926 |

File size:
1.3 MB (1,399,962 bytes)

Product version:
2

Copyright:
GameManager

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\My documents\downloads\gamemanager.exe

File PE Metadata
Compilation timestamp:
12/6/2009 5:50:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:RQzHWk11HtGId7zpft9IIZo+xBw/b7g2XxPimkvL8mHFkj:bkV9zpft9/3zwTM2XxrP6e

Entry address:
0x30CB

Entry point:
60, 01, CD, 0F, A5, D3, 23, CF, FF, C6, 6A, 00, FF, 15, FC, 70, 40, 00, E8, 00, 00, 00, 00, 03, CD, 69, FE, 65, 94, 07, AE, 87, C8, 0F, AF, FE, 6A, 00, FF, 15, EC, 70, 40, 00, 5B, 81, C3, CE, 95, 82, 00, 18, D4, 0F, BD, D5, 0F, AF, C8, 81, EB, B0, 86, 79, 00, 0F, C1, C8, 87, C8, 15, CC, 5F, A6, D1, 53, 81, C3, 05, 0D, 00, 00, 0F, AD, D8, 0F, C9, C7, C1, 7C, 4F, D6, 41, 81, C3, E3, 0D, 00, 00, 8A, C6, 23, CF, 0F, CF, 81, EB, D2, 09, 00, 00, F2, 15, 4C, DF, 26, 51, 0F, BA, E0, 36, 53, 81, EB, E5, 0E, 00, 00...

Entropy:
7.3799

Code size:
22.5 KB (23,040 bytes)

The file gamemanager.exe has been seen being distributed by the following URL.
