home

garenatotal.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download.garenatotal.com.
MD5:
55336bb06d448d8255bcdb7b5d6bb2c8

SHA-1:
7da69c75c5deb42d77ebb36648372ecab6c19aa7

SHA-256:
9cd2fe193d1116bf38c58e3cd50b0834da4bb8d85fe052c55e535296513ffc4f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 5:36:56 AM UTC  (today)

File size:
891.4 KB (912,832 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\garenatotal.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
24576:ocPAQU7/4uOaK9VvpY2YWL4v4mm6WRcOUH3y+uGWDPqroi:6caQceL4v4mBjRWrM

Entry point:
79, 61, 6E, 67, 68, 78, 00, 00, 01, 00, 00, 00, 00, 01, 01, 00, 67, 8E, 3E, 14, 47, 8A, A3, 83, A8, E3, 9F, 37, 70, F1, C7, 72, 43, 5D, C8, 6D, AC, 74, 90, 60, 5A, E2, A6, F7, A2, C1, 37, 94, 73, 40, 36, BE, FB, 34, BE, E9, F8, 1E, 64, 26, 99, 7B, A6, 2D, E2, 1B, E0, 7E, 14, 9D, 7B, 5D, C6, 6C, 07, 07, 37, FD, 39, 60, 4A, 3A, C3, F2, 7D, F1, F3, DE, 3A, 4A, B5, 50, 6C, 96, F6, 69, 1E, 91, E1, A2, 8F, AC, 58, 77, A2, D4, B7, ED, D5, D6, 7B, 38, 92, DA, 39, DB, BE, 8D, 3E, 14, 9D, 89, A3, 83, A8, 4F, A0, 37...
 
[+]

Entropy:
7.9706  (probably packed)

The file garenatotal.exe has been seen being distributed by the following URL.

http://download.garenatotal.com/GarenaTotal.exe

Scan garenatotal.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.