icytower_install.exe

Icy Tower v1.5.1

Free Lunch Design

The program is a setup application that uses the Inno Setup installer. This file is installed with the program Icy Tower v1.5. The file has been seen being downloaded from windows.indir.com and multiple other hosts.
Publisher:
Free Lunch Design   (signed by Free Lunch Design)

Product:
Icy Tower v1.5.1

Description:
Icy Tower v1.5.1 Setup

MD5:
8b5cf6ddb918ada5a0868b5d6bfe0ae1

SHA-1:
5c1b71d3ccb66c94859991c9fe7c63a459bb8bc2

SHA-256:
24600bfa6d9ef561987b4dd9e3488594544ccc04511e51b8447764fae72c2f56

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
12/25/2024 6:07:13 PM UTC

Scan engine
Detection
Engine version

ESET NOD32
8.9511

Fortinet FortiGate
Riskware/OpenCandy
3/7/2014

File size:
4.6 MB (4,862,288 bytes)

Copyright:
Free Lunch Design

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\icytower_install.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
1/3/2012 6:29:48 PM

Valid to:
12/21/2012 6:47:57 PM

Subject:
CN=Free Lunch Design, O=Free Lunch Design, L=Goteborg, S=Vastra Gotaland, C=SE

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
045A86D3608361

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:sN/h0dWoTRgnUWbjZUojDOMj0wLd77DiIL4r1svgbG+mCoRgG:6/24jDxLdOMc1svgSrgG

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...

Entropy:
7.9985

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file icytower_install.exe has been discovered within the following program.

Icy Tower v1.5  by Free Lunch Design
www.freelunchdesign.com
23% remove it

The file icytower_install.exe has been seen being distributed by the following 15 URLs.

http://windows.indir.com/kaydet.php?x=TVRJeE1rQkFRQ0VoSVM1QmMyNHJOR1lsYlRWTnx8fGY1MTM5Y2Q2NmE0NTljYjM4NmNjNWQ3MTE3MDc3MmJj&m=1

https://ln.syncusercontent.com/mfs-60:1a598235022aa2109a9e733d53c9fea2=============================/.../icytower_install.exe

http://s6514.chomikuj.pl/File.aspx?e=gUr5a4psBS8kBo9UaxVvD-m4quiuRn9cmM896P6xMajXkoQPpTEYgDbDfWMnpCg9EfPWMAPOk3zAqNwDyFcYEE-MSsgaRNScw2fyuqUBd9NunNnkDG0yVW1HDR9_keL7v6S7VQHNegFNauS23g8giQ&pv=2

http://www.gamegratis33.com/take_out.php/7ed112a0f8b3e22bd79e3b721c4a249e/526938596a4f796b33716e6c4b552f636e6a2f7a48712e3262392e764d302e3833/.../icytower_install.exe
