» HEROES3.EXE
Overview
Analysis
File Details
Behaviors (1)
Programs (1)
Downloads (24)

HEROES3.EXE

Heroes of Might and Magic III: The Shadow of Death

The 3DO Company

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from s7652.chomikuj.pl and multiple other hosts.

File name:

HEROES3.EXE

Publisher:

The 3DO Company

Product:

Heroes of Might and Magic® III: The Shadow of Death

Description:

Heroes of Might and Magic® III

Version:

4.0

MD5:

cf6e7051ce1e93083de96edd8f0f7a8b

SHA-1:

e9a30199d56846ae07a3b70367da0785aa5ea2ec

SHA-256:

7fad0e01953f56509ccea84c486f026e88472e03e268ad9060630f2298c4bbea

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/16/2024 6:55:13 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.Pedka

1.3.0.4613

File size:

2.6 MB (2,732,032 bytes)

Product version:

4.0

Trademarks:

3DO, Heroes, Heroes of Might and Magic, New World Computing, The Shadow of Death, and their respective logos are trademarks and/or service marks of Th

Original file name:

HEROES3.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\ubisoft\heroes 3 complete\heroes3.exe

File PE Metadata

Compilation timestamp:

2/26/1996 5:38:09 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:dONsven84ao6AqSQbaFNG1hICgj5S/yVXaVRRK6I:dO2u3bqzS51bcVRkv

Entry address:

0x21A2B4

Entry point:

55, 8B, EC, 6A, FF, 68, C0, 5D, 64, 00, 68, 28, A5, 61, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 08, A2, 63, 00, 33, D2, 8A, D4, 89, 15, 00, B7, 6A, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, FC, B6, 6A, 00, C1, E1, 08, 03, CA, 89, 0D, F8, B6, 6A, 00, C1, E8, 10, A3, F4, B6, 6A, 00, 6A, 01, E8, 48, 6C, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 78, 2F, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

2.2 MB (2,330,624 bytes)

Scheduled Task

Task name:

{0EF87461-EFA3-48A2-9FB0-77A3B5022C54}

Trigger:

Registration (Runs on registration)

The file HEROES3.EXE has been discovered within the following program.

Heroes of Might and Magic 3 Complete by GOG.com

Heroes of Might and Magic 3 Complete is a digital video game distributed through the DRM-free GOG service. This game can be run from the optional download manager or directly downloaded through the cloud.

www.gog.com

3% remove it

The file HEROES3.EXE has been seen being distributed by the following 24 URLs.

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvB30h-W6t3JDypDDy9YS4HEpui_aDIFprLpChDQAAJS-osrXF5LnvYnJRBEsiLJTxzZ9ZUKVAgW_GL5LxxTg2CtRsSBahdQAFwrMwsFDfs0zmLXcRehmMoMAWlkmcK2H_w&pv=2

http://s6861.chomikuj.pl/File.aspx?e=DOUqqkQ9Y3EKyuoWRgk9Sp6eGKzPW3nKkJrAseeRgdWGkMgEuuBaE5yncsUWhAf1NsN731WWMldNL6_f7sogyXifgOnSk9hatxbNJpVGNhQT1eNsYWBHttjj8JZNwDcd4lSePqG7ARlbngNVVPwglA&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvGeHZuAAjagkie7g6MptfOsY7MS_Pg2vU0gQp--l7Jvh0DIZJRhlsYYDaOzjrsFqMc84iS6xmIdZjg9rBLsLKvQzh8wI5H4dqxwCbaziBfJbPTwSDSifSmqRkzxw83PICA&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvDIE9b_zQHCO_L1PdLsJeIAcb1d2Q3m1sMHgjspqD0LEU78Mtyza5NP-CbUpNtxsD9eqWGG_Rs1yzdrGjs6hRfAnjEUo53bdAIYGUYNfpOmz9WWUJFe3P0u1IFOeXa3Lng&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvLbUlJUJlaGDXCZ8VF2tvEhOLE9aTHK_d4kf3hE2h6lZdI9jFgaTH2ylTyQqOMqJjIfztCVEnlSvbWS9pLRQ_jobVWqjDuDPn52hvH6h6EROzaKj9pqKLuhJwd-wrfpyhA&pv=2

https://drive.google.com/uc?id=0B5kGx-29o-BsTmp1cFBDTFJYcFk&export=download

http://s6841.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvH_knIEcHHHgYnKmAVb5lubEHXc0kMYOEo0I8XXS4CocXLdDM0XROCRGneNd3MmAa18JAKBKIcu5z_9wvxBMaWChgBEGi6Qa6pQpE9I9LhZKbhf24wGkbHeY6geDRky4Ug&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvIm1DmioxhtdY-h9U2oafBbaTGofgIv0XTsN8zeLOOJUothQIxnGOuRcFlfschz5b0IUZeH4i62cboikvMDyrn71Oqwqicu_w_8ABp710ac8gQ-PM3tAw0DJqVp51l3QNQ&pv=2

http://s6841.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvIm1DmioxhtdY-h9U2oafBatYo5A37BfCOIQOBOsPmhcR0EwrJgEoRkmVxCJIBFHiq-Yh8E-DsFBHnL63KDgFCqLWGlIrtqiGkkuskAwODhb6nDrX_LUgTBsCEp3LUIN5Q&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvOWaJAEtprxV5zRTb8Xd6si-GTnTFfK0nvVcM8XmMiOGALTdsOjvz149gTa6GTXXNbT9P-1_6eAL-2jI3NSDby3sIPk8_nzMrl0J5YTWA0_7sU1fRbbzQ5XXXYWvGGaoiw&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvCWSNDYdDJuOZsQr4DILP4k1pU7ZtwoC3K0xEneFfuiIY1H_LuHfQVRefznyUgYWeNsQB_CLIg2sOSLVPzaA_a3W9yI7xIPkcg8W9PL9TK9zAdZCw7fmBcVm2wbADkyNCA&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvFv_zzaJgn6un5JmPtrdVSun_HLurMFllG84VZYWAodMWnuqog9Z7azxtiOMsqx_rewSCjhpgMTBSpiX5HnWByfGZi-zavra9xftkvKhUE7bSqez8eJT8domkW68t9Zjlw&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvDIE9b_zQHCO_L1PdLsJeICJQOdIS9quX05Dv8yCKtXI0qGiGn5j1Eb-Yvi0irMsvd5G6X-UFfLJCyHRCCJ7hOYGcxI9SoBt4uBUVWZDxuyhkoRjtSnFj2TuP6RpDkAsqA&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvGeHZuAAjagkie7g6MptfOu8sgh-6yro4QDIYyG0btFLM-8tov-CHxf24mIMwykvaLqHh5odXnFmHWBxZc2gcCaJf4PGuJRqNmHhUmikl_GVXrlnPRUSlOYvmyq2QhSHQg&pv=2

http://s98.chomikuj.pl/File.aspx?id=143938&vid=354351509&tk=1519761&t=634763249751610347&d=60&k=1342320&name=Heroes3.exe&loc=PL

http://s6841.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvMFQCwjsMLAnYWrASwYb2lWTUe_4Y14eVFXv-qFph-qrh8lJhBo95S0oOSkdGdfbWC1U6n_FjbUvwj8wA4Yy9fP10wKKpR0hmgArA4EonmaM8MQejNvrQyVQ0sEbFnkhWA&pv=2

http://s6841.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvLi4oGSVkSXwcaUSLlyvyGk8blClTJ07Lo6grBN8g7_b1v3FrTqHHl7tonWxMwkSEkmtT_MnORh5rEPGkAwQMB0geF5S6RNheiAHD13NzusLIEaWfkNsT2jdR0gCNYXu1g&pv=2

http://s6841.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvDIE9b_zQHCO_L1PdLsJeIBvR-Lj0zSbj57-KLs_y4hGOmnbAEdRihCmROR0p9-nHpitJVJ7ke5YcyiK1YOZHVNl2uNVOmxGVM5Ij53-t25CeMfw5koI9d_M1A6dKxXiBA&pv=2

http://s6841.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvDIE9b_zQHCO_L1PdLsJeID6QT_4S7I6GZ-7PiDcDEIHFx4x_sOMaBpJrqXmFcaGuHOw0mneYHBHsxVF_yTcwDnADPQsZXntwqvsYkBQO7ep0Ws-XIZtT3b63JmsZAo8-w&pv=2

http://s7793.chomikuj.pl/File.aspx?e=DOUqqkQ9Y3EKyuoWRgk9SovZqRrqVLq70h_FlHzaWKCrNv1bZq5oAZWZ0JrOy8yehqePGVJX-D8u_ZUEgQteSK46oerYv8oYIYXkXpA3cpZMvPG01H_11EXA4osqO5qa&pv=2

http://s6841.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvO-gCdDu9IXfg7sUurMu0K-4DATNn1fTpeXoIAyejh82DFj4YwUWXwty2X74kphl8njxkv4e6udJswXCcjdEPjU4-gSpcbmhcdswGDDsfTqov6XKuttFLklneNvXA1cTvw&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvB3b2SAk6-9X45SOrDpmFtECYWQdNH2BlEJ6DYmnRNbUf-GHKtWoCcHSYIgod7txw5_A1jT35AHsAHs_KjBW4Ts_1Sr28-v9Ml_xjLf5XFAN-kYkd4lgFdGd1Q0prYCcAw&pv=2

http://s7652.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvB30h-W6t3JDypDDy9YS4HHVl03jfyp-8BPwLEPH6saXJ5l968FuZh7-_ohZ85G4qWGywTr4B3AgTR7rc-d73U3FrqEB9J0syAYUxA1K4TNGcjGmd-8ZCdvpTrxf0q01xQ&pv=2

http://s6841.chomikuj.pl/File.aspx?e=Se0WTvms-BlbvqsTf6nEvGeHZuAAjagkie7g6MptfOu7FV3YsD79FXdG_NSGj2D7DkSVPzL2rkG0b6yz7BZuFZuPKLuFE3-OjIGaBJKiyRIG-pq8ZFNRXMirNfGl_B_CwzrTqybzalmbKGGDZ-EiDw&pv=2

Scan HEROES3.EXE - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.