install.exe

Random-Logic Installer

888 Holdings Plc

The application install.exe by 888 Holdings Plc has been detected as a potentially unwanted program by 26 anti-malware scanners.
Publisher:
Random-Logic  (signed by 888 Holdings Plc)

Product:
Random-Logic Installer

Description:
Installer

Version:
3.5.0.6

MD5:
0972eddd484b43168f879a75ae7e6fb4

SHA-1:
ddbc006670e3cb8e045f7a669867795153ed0a5c

SHA-256:
6de8b18779decf77d1c257bc0b20c364403238513f5a51db7911a02abbda0512

Scanner detections:
26 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 10:50:16 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Generic.59500
1124

Agnitum Outpost
Adware.Agent
7.1.1

AhnLab V3 Security
Unwanted/Win32.Xema
2013.11.28

Avira AntiVirus
GAME/Casino.Gen
7.11.116.4

AVG
Generic
2015.0.3602

Baidu Antivirus
CasOnline
4.0.3.1417

Bitdefender
Adware.Generic.59500
1.0.20.35

Clam AntiVirus
Adware.Casino-3
0.98/18155

Comodo Security
ApplicUnwnt.Win32.Adware.CasOnline.8
17344

Dr.Web
Adware.Casino
9.0.1.07

Emsisoft Anti-Malware
Adware.Generic.59500
8.14.01.07.11

Fortinet FortiGate
Adware/Casino
1/7/2014

F-Prot
W32/Adware.AP
v6.4.7.1.166

F-Secure
Adware.Generic.59500
11.2014-07-01_3

G Data
Adware.Generic.59500
14.1.22

IKARUS anti.virus
not-a-virus:AdWare.Win32.Casino.q
t3scan.2.2.29

K7 AntiVirus
Adware
13.174.10333

McAfee
Artemis!0972EDDD484B
5600.7258

MicroWorld eScan
Adware.Generic.59500
15.0.0.21

NANO AntiVirus
Trojan.Win32.Casino.wyuh
0.28.0.56420

Panda Antivirus
Adware/888Bar
14.01.07.11

Sophos
Casino-On-Net downloader
4.95

Total Defense
Win32/CasOnline!Adware
37.0.10498

Trend Micro House Call
ADW_CASINONET
7.2.7

Trend Micro
ADW_CASINONET
10.465.07

VIPRE Antivirus
Trojan.Win32.Generic
23774

File size:
162.8 KB (166,680 bytes)

Product version:
3, 5, 0, 6

Copyright:
Copyright © 2004

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\install.exe

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/17/2007 8:00:00 AM

Valid to:
6/15/2009 7:59:59 AM

Subject:
CN=888 Holdings Plc, OU=888, O=888 Holdings Plc, L=Gibraltar, S=Gibraltar, C=GI

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
4F0594F3B5662C250A7389C7BB925868

File PE Metadata
Compilation timestamp:
1/12/2006 4:34:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:7+R0hajiERTWntMGQhGzRRlKOogPbtL5wbNhYJWfln5lwrlXnN:7J2yR0QbtLONhtlCl9

Entry address:
0x13BFF

Entry point:
55, 8B, EC, 6A, FF, 68, 28, D3, 41, 00, 68, C8, 86, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E4, D0, 41, 00, 33, D2, 8A, D4, 89, 15, C0, EB, 44, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, BC, EB, 44, 00, C1, E1, 08, 03, CA, 89, 0D, B8, EB, 44, 00, C1, E8, 10, A3, B4, EB, 44, 00, 33, F6, 56, E8, 63, 28, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 7E, 48, 00, 00, FF, 15, 68, D1, 41, 00, A3, 28, 02, 45, 00, E8...
 
[+]

Entropy:
6.1557

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
112 KB (114,688 bytes)

Remove install.exe - Powered by Reason Core Security