goat-simulator.exe

Potirod

Gotume

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.bitssigncurrent.com.
Publisher:
Gotume

Product:
Potirod

Description:
Potirod Setup

Version:
3.7.5.8

MD5:
47d6e50b65574d738d92dc4f61247941

SHA-1:
89434a85aba170a2c6d2addc7ca8b225d1e13578

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 4:37:15 PM UTC  (today)

File size:
1 MB (1,091,856 bytes)

Product version:
3.0.7

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\My documents\downloads\goat-simulator.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:ODTzf06GHF20t2dJwsOVpMfULVpafySzLBgbrR8QTXFUKqiDevQwNZ:ODvs6IFPtUSkfULvafpLcR9TmKDDeIIZ

Entry address:
0xA5F8

Entry point:
60, 14, 6B, 78, 08, 8A, E8, 69, CA, 92, 35, A2, 5D, 78, 0A, B0, 58, 35, 79, 5A, B2, BA, 0F, B7, C2, 88, EC, 0F, BE, FD, 8D, 15, C8, 43, 23, 34, BF, F7, AA, DB, D1, 81, FE, 19, 23, 00, 00, 0F, B6, C0, F6, C3, 9C, C7, C7, 67, E1, D3, CB, 8B, DB, BA, 7B, 7D, 04, 41, 69, C3, CD, 29, C2, A8, 8D, 1D, C1, 37, 8A, 30, FE, CC, F6, C7, BE, FF, C8, E8, 23, 00, 00, 00, 81, FE, F6, 36, 00, 00, 71, 07, C7, C7, C1, 61, F6, F9, 47, 73, 07, F6, C3, CB, 14, D7, B7, 71, 88, E2, 0F, AF, DD, 81, FD, 5D, 87, 00, 00, 3B, E9, 77...
 
[+]

Entropy:
7.9170  (probably packed)

Code size:
39.5 KB (40,448 bytes)

The file goat-simulator.exe has been seen being distributed by the following URL.

Scan goat-simulator.exe - Powered by Reason Core Security