» legendonline_ar_2.1.1.10303_oas.exe
Overview
Analysis
File Details
Programs (1)
Downloads (3)

legendonline_ar_2.1.1.10303_oas.exe

LegendOnlin

OASIS GAMES LIMITED

This is a setup program which is used to install the application. The file has been seen being downloaded from img.oasgames.com and multiple other hosts.

File name:

Publisher:

OASIS GAMES LIMITED (signed and verified)

Product:

LegendOnlin

Version:

2.1.1.10303

MD5:

c670f109e4319505e99ba135e146afd3

SHA-1:

4985e62e23d130e516acd6a6c3c37c4b193590c5

SHA-256:

902433dcc7a64d5003807a81b10ec0601b0c9dc532ac76a350127e0f719911d6

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 2:53:03 PM UTC (today)

File size:

25.5 MB (26,728,952 bytes)

Product version:

2.1.1.10303

Original file name:

LegendOnline.ex

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

OASIS GAMES LIMITED

Authority:

Symantec Corporation

Valid from:

8/4/2015 3:00:00 AM

Valid to:

9/3/2017 2:59:59 AM

Subject:

CN=OASIS GAMES LIMITED, OU=Software Department, O=OASIS GAMES LIMITED, L=Hong Kong, S=Hong Kong, C=HK

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

508A19B53BD1D7225F3F8951F4B89F29

File PE Metadata

Compilation timestamp:

10/9/2015 9:48:28 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

786432:v/FABWgj5Ivfx/LrN0xxtrRXu6GROlt8qyD:XFRGCBPmlVXu6Gkr8qm

Entry address:

0x198DE

Entry point:

E8, 92, 79, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, 83, 66, 04, 00, C7, 06, 28, C3, 42, 00, C6, 46, 08, 00, FF, 30, E8, A8, 00, 00, 00, 8B, C6, 5E, 5D, C2, 04, 00, 55, 8B, EC, 8B, 45, 08, C7, 01, 28, C3, 42, 00, 8B, 00, 89, 41, 04, 8B, C1, C6, 41, 08, 00, 5D, C2, 08, 00, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, 83, 66, 04, 00, C7, 06, 28, C3, 42, 00, C6, 46, 08, 00, E8, 12, 00, 00, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, 28, C3, 42, 00, E9, 96, 00, 00, 00, 55, 8B, EC, 56, 57, 8B, 7D, 08... 
[+]

Entropy:

7.9981 (probably packed)

Code size:

151.5 KB (155,136 bytes)

The file legendonline_ar_2.1.1.10303_oas.exe has been discovered within the following program.

Baidu Browser by Baidu, Inc.

25% remove it

The file legendonline_ar_2.1.1.10303_oas.exe has been seen being distributed by the following 3 URLs.

http://img.oasgames.com/upload/.../LegendOnline_ar_2.1.1.10303_OAS.exe

https://loar.oasgames.com/?a=download&type=1&down_url=http://img.oasgames.com/upload/.../LegendOnline_ar_2.1.1.10303_OAS.exe&position=home_page

http://loar.oasgames.com/?a=download&type=1&down_url=http://img.oasgames.com/upload/.../LegendOnline_ar_2.1.1.10303_OAS.exe&position=home_page

Scan legendonline_ar_2.1.1.10303_oas.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.