home

gamenet.ui.exe

QGNA

Syncopate LLC

The application gamenet.ui.exe, “GameNet Application” by Syncopate has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dll-overhaul.com.
Publisher:
GGS  (signed by Syncopate LLC)

Product:
QGNA

Description:
GameNet Application

Version:
3,1,3,1223

MD5:
cf1f9691fa5abde2ec9efb8170b86dda

SHA-1:
5bd9a05aecc032563542e0bec33ce4dd1ef60f1d

SHA-256:
82b568cabc0197526b20d3df2a2019910855334b3ac97a8cf6dcc59b967f9b2d

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 4:31:49 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.6379

Reason Heuristics
PUP.Syncopate
15.4.14.13

File size:
583.4 KB (597,352 bytes)

Product version:
3,1,3,1223

Copyright:
Copyright(c) 2010 - 2014

Original file name:
gamenet.ui.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\qgna\gamenet.ui.exe

Digital Signature
Signed by:
Syncopate LLC

Authority:
VeriSign, Inc.

Valid from:
8/14/2013 3:00:00 AM

Valid to:
11/14/2015 1:59:59 AM

Subject:
CN=Syncopate LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Syncopate LLC, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
251831462EB15F30D8171D997EF0184B

File PE Metadata
Compilation timestamp:
1/28/2015 4:48:39 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:NI6cn5sfWTsr++8UIMT0rTgAPNot60EId7dBqTNvYYx70nOrmaooVD5Dy0neF3R:NI6cn5sfWTsr+uFdiuoJFy0neFB

Entry address:
0x36C6E

Entry point:
E8, BD, 05, 00, 00, E9, 1C, FD, FF, FF, FF, 25, 00, 12, 44, 00, FF, 25, 04, 12, 44, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 28, 54, 46, 00, 89, 0D, 24, 54, 46, 00, 89, 15, 20, 54, 46, 00, 89, 1D, 1C, 54, 46, 00, 89, 35, 18, 54, 46, 00, 89, 3D, 14, 54, 46, 00, 66, 8C, 15, 40, 54, 46, 00, 66, 8C, 0D, 34, 54, 46, 00, 66, 8C, 1D, 10, 54, 46, 00, 66, 8C, 05, 0C, 54, 46, 00, 66, 8C, 25, 08, 54, 46, 00, 66, 8C, 2D, 04, 54, 46, 00, 9C, 8F, 05, 38, 54, 46, 00, 8B, 45, 00, A3, 2C, 54, 46, 00, 8B, 45, 04...
 
[+]

Code size:
254 KB (260,096 bytes)

The file gamenet.ui.exe has been seen being distributed by the following URL.

http://dll-overhaul.com/.../32089.exe

Remove gamenet.ui.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.