lion_king.exe

GameFabrique

The executable lion_king.exe, “Lion King Setup ” has been detected as malware by 2 anti-virus scanners. The program is a setup application that uses the Inno Setup installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from www.gamefabrique.com and multiple other hosts.
Publisher:
GameFabrique

Description:
Lion King Setup

MD5:
53bf5329f4c8f2a598e2170dc2fed38f

SHA-1:
ef8269c20629dcc8b7d4d174fdb843b939dd0737

SHA-256:
b37982f44b5f9d22e23b73d677ef690c8248bd9a4d950cfa782a87270fd920e7

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
11/23/2024 5:55:49 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clodf4d.Trojan
1.3.0.4959

Reason Heuristics
(M)
16.6.5.12

File size:
2.1 MB (2,179,109 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:76dZG4Bn+v6MhH2kDBVPqJ0Z1FCkLs1CR4Ok+1YVbv4e:ed5BM6M52oBVPS81FC8s1CRW+YVb1

Entry address:
0x97F0

Entry point:
55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, D6, 98, FF, FF, E8, DD, AA, FF, FF, E8, 00, CD, FF, FF, E8, 47, CD, FF, FF, E8, 3E, F3, FF, FF, E8, A5, F4, FF, FF, 33, C0, 55, 68, 9A, 9E, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 50, 9E, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 5A, FA, FF, FF, 8D, 55, F0, 33, C0, E8, C0, D1, FF, FF, 8B, 55, F0, B8, D4, BD, 40, 00, E8, 87, 99, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D4, BD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9952

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36 KB (36,864 bytes)

The file lion_king.exe has been seen being distributed by the following 33 URLs.

http://www.gamefabrique.com/download/.../lion_king.exe

http://cdn.games4windownloads.com/gePAQ7tgIqWds0Mq5xpsEooszMeski_o0lz7nVqQyUekpyAV_OhqTzKAJg1qGwLq9j7MdMKKbl8NUN9AcLh 1yibOoWO_zGYUjOlF1SmK1sJPogqS0afYFE0PvMQJGc8oDMSAJ0YuNgzmCwat4v iTy2YD1uhMCgDFi1HJ3nyjKFS9iTdpqACt5A7XNh7IkhJsXfl_59ttPniL6lKjY40w5xo_UxQg==-Gy8AAES3eX56nj4uGckiJAgmcuDQogAPas8T3LwxbqAFa3Yfeu5sLwjD8eZRbKoMHw==

http://cdn.games4windownloads.com/C8jKhWbFX8yzHvwJeVbCnt3_vDf1r_0HPs9cLOyf3RAteSJTVvWKBhlGTCFpPl ocLt1C6iIXe2C4nZTrRgF2gNlsPIlSp95xciAPkC12PTfmBJ1sjpXK7DviPupGUFZEHpmVxfuHpLdwvVR5C Nf opBgAWBTJSRt2CaPd7IDJnZpn3hCpjDQT0CFwApx1q_1dXc5uuuiBF8_QqX9JjZ1ofNWOxBUz02pH5rFERb3Um6Z2pLpMuIzJm6Rf2Nb1JK2gVpaP0F SXlkdrJL2oSMZrUF3PWf1VFXss4ibNq ZocGxB2LAJuQ2SZtrChrNHwPqq35B ZRGKIGF14GAml3w3KoYFtGaG1xjmZCWBoySFWkh0PpjMWBzknRzfEhmeKO5Z1O_QT2ptvv30ZGuts317TfvjQCsdnbXSUhElJdcDynLHP2fJPPDTVLm dEyXJKAgPmtU-Gy8AAES3eX56nj4uGckiJAgmcuDQogAPas8T3LwxbqAFa3Yfeu5sLwjD8eZRbKoMHw==-e

http://www.gamegratis33.com/take_out.php/fb50ac45e53ca89e812ec1986e633ac3/5269385969487a5730736f6b47542f5770672f7a48712e3262452e774a322e307a5a/.../lion_king.exe

http://cdn.games4windownloads.com/Ssfnou1CKdbnFLZxmtWautUNKmSjnpVYSx6cGpOlCpuXljr8VmwEJ_bK_6HkGhiwGHmRiwJNGyxfZIio3ap1WaMWOC3z4p0KeyjcJEP5bBhN1w8m74oWDYQJ_YR0865kNboj6q6DRdfZFweWeiDcM6AtQ YSix1aM6s_ 6X8QoxCrxzU2b d6H4B5E7wcre572XHt4rIH4EVNwoxfcQZcSX1lw3W tHIuVsUfWrHLlZvERiOORlcEEudb3Wy1 mw3ON93xwUQ89GXMFys4C3MKpWc9zeJRCwSuMyOoonAhWXdFlp3SEDt9JWZwzMBnfPyrSUsv2ef2r7QYTUgApgQQR3nTkQwiXttcVU6mXm7FdCu4CZt_eYaEMapCT4KlxSZY77PycYSLcp8Yiuu_TThfcea42Pg==-GzgAAERPFpsXrUtmH7sIOOSA_a00gcAs8JCV A B35jxxc6PKhR1kfNguIqmyvIT-e

http://cdn.games4windownloads.com/fnR8_fKasiupUOHE_90nKI6VfSKL_OO9gzCXUw2yTrLPZ7r2 ulqqax_ZMAAFXafa6lur7hQIlBCaM2jpRE 9yMbWQQL6y9S 3VYbBjs1VEyIu2mDsecJm0VHQVEvuKHhER2A88Gnk29iqucYyUdv 8XhOowWb 9Fb2o31R1CCBYU7dD5ur7HE742QqP7uZlrYdUERBeCNqHGx9q6x9z5y0pt UEFVGQ0Lww4 Qdp PDxgzmqiJ_3dyhvvPCh8z3ywPQDA7PY6 UgSLUFJ9bprfezm5FlC88Kw2DK4zrrGtFwjDkUFapUHBMxrhykTD5SFVu3Qaa4zaAQV6EAPIsEg78A61JGX0ijq w_DHmdhfmQC6 FfJ6QfN03cwyzWoUPGscjUhEeF6FlCtuzB_SPDJA54Cix2A1ImSP5s6vYWOsQNWe4cjfhJ73JHJB7PiXQzkKG3Y-Gy8AAES3eX56nj4uGckiJAgmcuDQogAPas8T3LwxbqAFa3Yfeu5sLwjD8eZRbKoMHw==-e

http://s6555.chomikuj.pl/File.aspx?e=Xch4HdhVt62k8BoMCH3dGdfqaTxdVCUBgIaw5fdwI5EaqETVbBVtaGBM8DMEudEfF8aY3QVebqMY9v7XNqEARyQf3blnq_OeOsfK4lcMi3FSr0VTdi39oyjyHZOzqAlu38cM95KM7PX4PYP-Itt5cA&pv=2

http://ddl7.data.hu/get/0/.../lion_king.exe

http://s10563.chomikuj.pl/File.aspx?e=MMimgmZbdGwyMsEmXxWjumaKdwRTl_XEu_IRXfRtbkyFmEbM-yxd8d3KHbzbgW6DmksseMnUpneWYTAXORRZsAhmuuJgewpHjPeFpXs6zQWZiD-c-SKnLfrUtWRtNGmEAV494SRCVWRhOrUrx3W-Wg&pv=2

http://download1585.mediafire.com/h9754x9qux5g/.../lion_king.exe

http://s6555.chomikuj.pl/File.aspx?e=MMimgmZbdGwyMsEmXxWjukbBqcthEkdkgNq7Xl-O-iVy_Y4yxWDgPeUQsU7CqeobUgSmEZ1uoKB1IkvOBOGYWzHfTOufc1x2q_9TXJKs8jrMe-TJT0Brfu_beEr6INMVfIvjXg7CBxCtc4BulkeWFg&pv=2

http://cdn.games4windownloads.com/CJP9 I_LIqzDci9fQR6TTGsMAdBlL_8kEkl3VpBluJBVNdr nnpUBYNF8NIFLWMD08m LSW89CtOC_hdoq2BjxVCXydkZNWHSsoH6UIev Dm0RbLReplZn3AoqMyJr 9V4 wA2zHM3e2lBMiC9sWOrzMAmFmhs3UyZk3JgLVSvAMtV0VRsYDNciT8HOwnLjVtNpZb8vuNAop5BELC7mRz4YaMt5f4yv0KxkBvlVuWAXjpAPYiaQwEYguCq3KZoXJleF4wHKFO R8OgV3HjbojGlWqez0QFnbXPhKaFqiTF6kSmFIVNIWxs0wc2w6O7vTlbChEQEgCoPZKHzmVy5uQCjbAoILI33mSZ5tLNq BgKVfWAcxyyTClZKPFlQrWGgYWipEnisnVEpMwRcX7Llm5GTi23l 9wRE2Lroeh4r4w4awmXD73k0h4npbbE7XqkujRrDGN-Gy8AAES3eX56nj4uGckiJAgmcuDQogAPas8T3LwxbqAFa3Yfeu5sLwjD8eZRbKoMHw==-e

Latest 30 of 33 download URLs

Remove lion_king.exe - Powered by Reason Core Security