javaflashnbb.exe

Tibia Player

CoffeeCup Software

The executable javaflashnbb.exe has been detected as malware by 15 anti-virus scanners.
Publisher:
CipSoft GmbH   (signed by CoffeeCup Software)

Product:
Tibia Player

Description:
Tibia Player

Version:
10.00

MD5:
c0c6b21a562a030070075bc842370b5a

SHA-1:
9614291db8547d78526de0ae3fc056e9b0865dab

SHA-256:
37a609364b2d808ca37155b40426d88301ae128e1d3fa172ae4e57ab4b129b18

Scanner detections:
15 / 68

Status:
Malware

Analysis date:
12/26/2024 1:49:03 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Razy.117889
-23

Avira AntiVirus
TR/Injector.sdhjp
8.3.3.4

Arcabit
Trojan.Razy.D1CC81
1.0.0.792

avast!
Win32:Malware-gen
2014.9-170226

AVG
Inject3
2018.0.2455

Baidu Antivirus
Win32.Trojan.WisdomEyes.16070401.9500
4.0.3.17226

Bitdefender
Gen:Variant.Razy.117889
1.0.20.285

Emsisoft Anti-Malware
Gen:Variant.Razy.117889
8.17.02.26.05

ESET NOD32
Win32/Injector.DJLZ (variant)
11.14726

Fortinet FortiGate
W32/GenKryptik.QBG!tr
2/26/2017

F-Secure
Gen:Variant.Razy.117889
11.2017-26-02_1

G Data
Gen:Variant.Razy.117889
17.2.25

K7 AntiVirus
Trojan
13.247.22025

MicroWorld eScan
Gen:Variant.Razy.117889
18.0.0.171

Qihoo 360 Security
HEUR/QVM03.0.0000.Malware.Gen
1.0.0.1120

File size:
2.3 MB (2,444,712 bytes)

Product version:
10.00

Copyright:
Copyright (C) CipSoft GmbH 2002-2016

Trademarks:
Tibia is a registered Trademark of CipSoft GmbH

Original file name:
Player.exe

File type:
Executable application (Win32 EXE)

Language:
Búlgaro (Bulgária)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\javaflashnbb.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
2/2/2016 10:00:00 PM

Valid to:
4/3/2019 8:59:59 PM

Subject:
CN=CoffeeCup Software, O=CoffeeCup Software, L=Roswell, S=Georgia, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
5F6628DB20A983AA898EA7E2CC4DCE63

File PE Metadata
Compilation timestamp:
1/5/2017 12:05:25 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1A00

Entry point:
68, DC, FF, 61, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 6D, AE, 11, 3D, 74, 8B, 61, 40, 9B, 6F, 4C, 73, B1, A4, 15, F9, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 76, 62, 34, 70, 72, 6F, 6A, 65, 63, 74, 56, 62, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 05, 34, 2F, 6A, 8F, 69, CD, 7F, 49, A7, 81, 5B, 1B, EC, 62, 33, F9, 6B, 1A, 3E, E4, 1E, A1, FE, 4F, 98, A7, 6D, 87, B0, A9, 88, D2, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
2.2 MB (2,289,664 bytes)

Remove javaflashnbb.exe - Powered by Reason Core Security