garenaplus_install.exe

Garena Online Pte Ltd

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with multiple programs including Garena - Mstar and Garena - Heroes of Newerth. The file has been seen being downloaded from f25.softwaretop.net and multiple other hosts.
Publisher:
Garena Online Pte Ltd  (signed and verified)

MD5:
b3632b64da61afc00dd2a2269b1cf279

SHA-1:
db16ab36c9611eea5be8145a8129b31252282b27

SHA-256:
b014e858d80b5d48ce48b771a0eeba29e460c02beffd15cbf0bae784e7fe128c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 1:16:22 AM UTC  (today)

File size:
60.8 MB (63,740,272 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\garenaplus_install.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/18/2011 2:00:00 AM

Valid to:
11/3/2014 12:59:59 AM

Subject:
CN=Garena Online Pte Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Garena Online Pte Ltd, L=Singapore, S=Singapore, C=SG

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2880A7F7FF2D334AA08744A8754FAB2C

File PE Metadata
Compilation timestamp:
12/5/2009 11:53:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1572864:uWN65d6gr+asXavWyVXomvx3ktNNT8jioiAKd5Ggnd0k:uWY54PaIavWYx0tNz62D

Entry address:
0x352F

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, B8, A7, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 80, 40, 00, 53, FF, 15, 88, 82, 40, 00, 6A, 08, A3, 98, 63, 42, 00, E8, D6, 2E, 00, 00, A3, E4, 62, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 88, 0C, 42, 00, FF, 15, 58, 81, 40, 00, 68, AC, A7, 40, 00, 68, E0, 5A, 42, 00, E8, DC, 29, 00, 00, FF, 15, AC, 80, 40, 00, BF, 00, C0, 42, 00, 50, 57, E8, CA, 29, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)

The file garenaplus_install.exe has been discovered within the following programs.

Garena - Heroes of Newerth  by Garena Online Pte Ltd.
Heroes of Newerth is a video game distributed through the Garena platform.
hon.garena.com
About 7% of users remove it
Garena - League of Legends  by Garena Online Pte Ltd.
League of Legends is a multiplayer online battle arena video game where players are formed into two teams of five Champions. League of Legends is a session-based game. Matchmaking creates teams with even average MMR (Matchmaking Rating) of the constituent players.
lol.garena.com
About 1% of users remove it
Garena - Mstar  by Garena Online Pte Ltd.
Mstar is a video game distributed through the Garena platform.
www.garena.com
About 3% of users remove it
Garena Plus  by Garena Online Pte Ltd.
The Garena Plus application developed for various games distributed by the comapny allows gamers to develop buddy lists, chat with friends online and check on game progress and achievements.
About 2% of users remove it
 
Powered by Should I Remove It?

The file garenaplus_install.exe has been seen being distributed by the following 10 URLs.

http://f25.softwaretop.net/tmp/cf/soft/2013/8/.../garena-plus.exe

http://file.storeglobal-best.com/tmp/cf/soft/2013/8/.../garena-plus.exe

http://f30.x8top.net/2107tmp/cf/soft/2013/8/.../garena-plus.exe

Scan garenaplus_install.exe - Powered by Reason Core Security