» hoylepokeronlineinstall.exe
Overview
Analysis
File Details
Programs (3)

hoylepokeronlineinstall.exe

RATIONAL ENTERPRISES, LTDA

This is a setup and installation application.

File name:

Publisher:

RATIONAL ENTERPRISES, LTDA (signed and verified)

MD5:

506cefecfd8dc601def0f9d48219f958

SHA-1:

6a0962a3b44ce33c164371f2724a8c4200422097

SHA-256:

7f839c758549fd34de72594da79a700d5471e42d43781fa19162cb0c05e22f64

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

9/21/2024 2:17:24 AM UTC (today)

Scan engine

Detection

Engine version

Quick Heal

Backdoor.SubSeven.22.a.n7

1.15.14.00

File size:

2.3 MB (2,362,256 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\encore\hoyle casino 2007\hoylepokeronlineinstall.exe

Digital Signature

Signed by:

RATIONAL ENTERPRISES, LTDA

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

10/8/2004 4:43:53 PM

Valid to:

11/7/2005 11:04:34 AM

Subject:

L=San Jose, S=San Jose, C=CR, OU=dev, O="RATIONAL ENTERPRISES, LTDA", CN="RATIONAL ENTERPRISES, LTDA"

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

20827E

File PE Metadata

Compilation timestamp:

9/25/2002 4:30:38 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:S4ySSAiyExqKDquc9vTP+0UZttRi0BfCX6uLRDNoEM+PCt/f4Dvf:SV3A4crQ6dF8ErPdvf

Entry address:

0x4D001

Entry point:

60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, D0, 04, 00, 83, BD, 22, 04, 00, 00, 00, 89, 9D, 22, 04, 00, 00, 0F, 85, 65, 03, 00, 00, 8D, 85, 2E, 04, 00, 00, 50, FF, 95, 4D, 0F, 00, 00, 89, 85, 26, 04, 00, 00, 8B, F8, 8D, 5D, 5E, 53, 50, FF, 95, 49, 0F, 00, 00, 89, 85, 4D, 05, 00, 00, 8D, 5D, 6B, 53, 57, FF, 95, 49, 0F, 00, 00, 89, 85, 51, 05, 00, 00, 8D, 45, 77, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72... 
[+]

Entropy:

7.9286

Packer / compiler:

ASPack v2.12

Code size:

252 KB (258,048 bytes)

The file hoylepokeronlineinstall.exe has been discovered within the following programs.

Hoyle Card Games by Encore Software

Publisher's description - “Shuffle the cards and deal yourself in to the greatest card game collection of all time.”

www.encoreusa.com

About 6% of users remove it

Hoyle Casino 2007 by Encore Software

Publisher's description - “HOYLE Casino, the best-selling casino game of all time, offers excitement and challenge with over 500 variations of 16 of the most popular casino games.”

About 7% of users remove it

Hoyle Puzzle and Board Games by Encore Software

Publisher's description - “Hoyle Puzzle and Board Games 2012 is the largest collection of puzzle games available for your PC and Mac! This epic collection of over 1,000 puzzle and board game variations includes traditional favorites plus new games to challenge your skill, strategy and wit.”

About 2% of users remove it

Scan hoylepokeronlineinstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.