» LOLReplay-0.8.2.1.exe
Overview
Analysis
File Details
Programs (1)
Downloads (3)

LOLReplay-0.8.2.1.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download1959.mediafire.com and multiple other hosts.

File name:

MD5:

2cd120f390018f334f3729fcc986e908

SHA-1:

308646a497b2251e380afe97b03009b2accc58e0

SHA-256:

cb9e8408dddfeeb470e794edf13585ede029111a054f23f191cdc45ddca918c3

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 11:57:08 PM UTC (a few moments ago)

File size:

1.5 MB (1,582,608 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\lolreplay-0.8.2.1.exe

File PE Metadata

Compilation timestamp:

9/26/2011 9:21:38 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:nb4BHST7COMTXrphBwmgkhbOtWqWjXShq7FHJkTKUO1s0v+0AP1A5WD5y8tk9Vxf:bS2pQdMDc5zOKUOWWzKU829Vxi9aX508

Entry address:

0x38AF

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 68, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 90, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 90, 40, 00, 55, FF, 15, C0, 92, 40, 00, 6A, 08, A3, 98, EB, 47, 00, E8, 36, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, EA, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 64, A2, 40, 00, FF, 15, 84, 91, 40, 00, 68, 4C, A2, 40, 00, 68, A0, 6A, 47, 00, E8, 18, 27, 00, 00, FF, 15, B0, 90, 40, 00, 50, BF, A0, F0, 4C, 00, 57, E8, 06, 27, 00, 00... 
[+]

Entropy:

7.9750 (probably packed)

Code size:

29 KB (29,696 bytes)

The file LOLReplay-0.8.2.1.exe has been discovered within the following program.

LOLReplay by LeagueReplays.com

Publisher's description - “Just leave the LOLReplay recorder application running in the background. It’s as simple as that! As long as it’s running then LOLReplay will record your matches to your replay directory for you to watch or upload at a later date! ”

www.leaguereplays.com

About 8% of users remove it

The file LOLReplay-0.8.2.1.exe has been seen being distributed by the following 3 URLs.

http://download1959.mediafire.com/3iqphbxy28gg/.../LOLReplay-0.8.2.1.exe

http://download777.mediafire.com/03aaui3h3stg/.../LOLReplay-0.8.2.1.exe

http://www.leaguereplays.com/.../LOLReplay-0.8.2.1.exe

Scan LOLReplay-0.8.2.1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.