lego-worlds-1797-torrent.exe

Amulet

The application lego-worlds-1797-torrent.exe by Amulet has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from downloader.disk.yandex.ru.
Publisher:
Amulet  (signed and verified)

MD5:
037644631b365a1e9d9a92ac34bc68ae

SHA-1:
ba7171cb28c189879ae5fb1e066d4e05a03e020a

SHA-256:
4c97f5b1311229842b3553842be4c2a113ed37410ab97f64ae586f10f225db51

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 12:18:38 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.FileTour (M)

Engine version:
17.3.2.13

File size:
1.8 MB (1,836,544 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\lego-worlds-1797-torrent.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
12/18/2015 6:00:00 AM

Valid to:
12/18/2016 5:59:59 AM

Subject:
CN=Amulet, O=Amulet, POBox=127015, STREET="Vyatskaya, 70, pom.1", L=Moscow, S=Moscow state, PostalCode=127015, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B48E86D275ECE7BFC0A62B206428EDAC

File PE Metadata
Compilation timestamp:
6/7/2016 12:34:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x213000

Entry point:
68, 00, 04, 0A, 00, 5B, 81, EB, 00, 0F, 05, 00, 33, C9, 4B, E0, FD, E9, F3, 10, 00, 00, 2B, 4B, BA, 0E, 45, EC, 00, E9, 12, 18, 00, 00, 89, AC, 94, 2D, F0, 44, B0, FF, 68, 61, 33, D9, D7, 9C, 81, 44, 24, 04, 02, 19, 88, 28, 9D, C3, F3, 03, 49, FF, E0, 68, ED, 3E, 61, 00, 9C, FF, 44, 24, 04, 9D, C3, 63, D6, 2B, 81, C1, 4A, A7, 11, 00, 68, A3, 42, 61, 00, C3, AD, 95, 89, 0A, 68, B0, 2D, 23, E0, 9C, 81, 6C, 24, 04, FA, D3, C1, DF, 9D, C3, 1D, 0C, FF, E0, E9, 4D, 23, 00, 00, 98, 8D, 64, 24, 04, E9, 69, 02, 00...

Code size:
885.5 KB (906,752 bytes)

The file lego-worlds-1797-torrent.exe has been seen being distributed by the following URL.

https://downloader.disk.yandex.ru/disk/7e73c4ac6d7eb491594d286fa265ceaeda1eab65b94c89b21770aebc7747be8c/5756725e/.../x-msdownload&fsize=1836544&hid=95f2a844b1b4b3f75fdc500334105d71&media_type=executable&tknv=v2&etag=037644631b365a1e9d9a92ac34bc68ae
