heroes4p.exe

Heroes of Might and Magic IV: Winds of War

The 3DO Company

This is a setup program which is used to install the application. The file has been seen being downloaded from s6915.chomikuj.pl and multiple other hosts.
Publisher:
The 3DO Company

Product:
Heroes of Might and Magic® IV: Winds of War™

Version:
3.0WoW

MD5:
487ebe914da42d51e24dbaf6e512cad3

SHA-1:
575a161773fa89fa1d2323107bda2a0e175d4d79

SHA-256:
810f08646d82260d458a349726577ebf77cd6e0b3d83a51185ce89c13fd23394

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 4:16:31 PM UTC  (today)

File size:
6.6 MB (6,873,088 bytes)

Product version:
3.0WoW

Copyright:
©2003 The 3DO Company. All Rights Reserved.

Trademarks:
3DO, Heroes, Heroes of Might and Magic, The Gathering Storm, Winds of War, New World Computing, and their respective logos are trademarks and/or servi

Original file name:
heroes4.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ubisoft\heroes of might and magic iv - zlota edycja\heroes4p.exe

File PE Metadata
Compilation timestamp:
9/20/1987 5:44:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:y8JKTG8TWahg3EMZQODvlNSWIJK3W3oVgyAkaTLcBY3PJts55W25KoBmI5yBbpad:bBNTcYVaUY39qSL

Entry address:
0x4E1751

Entry point:
55, 8B, EC, 6A, FF, 68, B8, 68, 99, 00, 68, AC, 18, 8E, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, F0, D0, 96, 00, 33, D2, 8A, D4, 89, 15, A8, 01, AD, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, A4, 01, AD, 00, C1, E1, 08, 03, CA, 89, 0D, A0, 01, AD, 00, C1, E8, 10, A3, 9C, 01, AD, 00, 6A, 01, E8, E6, 5C, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 5B, 0A, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
5.4 MB (5,685,248 bytes)

The file heroes4p.exe has been seen being distributed by the following 6 URLs.

http://s6915.chomikuj.pl/File.aspx?e=NDsamjbHd3FrKIvKwKlf9L_ZjGofWKOXqtnyRsus8yLvSwSOOlUvinDygh9OMLMwBKZJ7-ev4bhx2wkgvUYJWZmmGpurZuyl_UeID5QI1BeBTD3AL53_ncTn1T_8phEmNraoggKdxxYIkBuQ1Po7sQ&pv=2

http://s6915.chomikuj.pl/File.aspx?e=NDsamjbHd3FrKIvKwKlf9L_ZjGofWKOXqtnyRsus8yI0N1v8GadWbbAYMBYC9ML_3X3kYHV41PcrnjID6ULh8D58aAgGRjW_ltvuyOVhR8UAwfs8ffTgOd6IMt4ywklaHCrJKqYz0UTBTmHrevNjlQ&pv=2

http://s6915.chomikuj.pl/File.aspx?e=NDsamjbHd3FrKIvKwKlf9L_ZjGofWKOXqtnyRsus8yLyMhanJKQZBvVi-w62dCyWrS3W87lEaIRIdR_J0uhVI4LjPBQ0W3sBswMpc6k5WLrgFXHjFdcui8LwRSosgS3u1iHBTVe3oFVhsBPYVzgUOw&pv=2

http://s10006.chomikuj.pl/File.aspx?e=NDsamjbHd3FrKIvKwKlf9L_ZjGofWKOXqtnyRsus8yLV4X9nsXFCf_IolXTUNWJlH_6MUmgKtDGDbSRrbDJ3zj4ilqdowLKuz2yLqlWvR3Tj5wiXcES1q8m-SXTWh3xz2FeOVuHYnURQ260pfLEhCQ&pv=2

Scan heroes4p.exe - Powered by Reason Core Security