» jogobox.exe
Overview
Analysis
File Details
Programs (1)

jogobox.exe

Tibaco internet media B.V.

The application jogobox.exe by Tibaco internet media B.V has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program JogoBox by JogoBox.com.

File name:

jogobox.exe

Publisher:

Tibaco internet media B.V. (signed and verified)

MD5:

c258052ee2ee5675b15da9a68544f8c9

SHA-1:

29de2ce4437c9d7986ac5eaf6cca48a765e89185

SHA-256:

c063310dee39da79461ed64ff631ae52eab06e74a933de836567523a5d1a88d5

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/16/2024 9:07:06 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

16.8.13.4

File size:

4.8 MB (4,985,944 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\jogobox\jogobox.exe

Digital Signature

Signed by:

Tibaco internet media B.V.

Authority:

Thawte, Inc.

Valid from:

11/6/2012 12:00:00 AM

Valid to:

1/3/2014 11:59:59 PM

Subject:

CN=Tibaco internet media B.V., O=Tibaco internet media B.V., L=Eindhoven, S=Noord-Brabant, C=NL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

7E51EFE78A933A809E7F89C0E80B7317

File PE Metadata

Compilation timestamp:

10/16/2012 10:14:21 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

98304:xxmgSDLG10BMhKvIGJTjcY45/dYVt4atpTWgZzDR4/J45/dYVt4atpTWgZ9:UKqBauTjVw/QtpfH4Bw/Qtpff

Entry address:

0x4E8FF

Entry point:

E8, 24, 94, 00, 00, E9, 89, FE, FF, FF, B8, 6D, 88, 45, 00, A3, 50, 0E, 48, 00, C7, 05, 54, 0E, 48, 00, 63, 7F, 45, 00, C7, 05, 58, 0E, 48, 00, 17, 7F, 45, 00, C7, 05, 5C, 0E, 48, 00, 50, 7F, 45, 00, C7, 05, 60, 0E, 48, 00, B9, 7E, 45, 00, A3, 64, 0E, 48, 00, C7, 05, 68, 0E, 48, 00, E5, 87, 45, 00, C7, 05, 6C, 0E, 48, 00, D5, 7E, 45, 00, C7, 05, 70, 0E, 48, 00, 37, 7E, 45, 00, C7, 05, 74, 0E, 48, 00, C3, 7D, 45, 00, C3, 8B, FF, 55, 8B, EC, E8, 96, FF, FF, FF, 83, 7D, 08, 00, 74, 05, E8, 12, 9F, 00, 00, DB... 
[+]

Entropy:

7.9279 (probably packed)

Code size:

431 KB (441,344 bytes)

The file jogobox.exe has been discovered within the following program.

JogoBox by JogoBox.com

jogobox.com

About 1% of users remove it

Remove jogobox.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.