lu!_tester.exe

Lu! Tester

Level Up! Games

The executable lu!_tester.exe, “Evolução é o exercício constante de se rever os processos. - Woot” has been detected as malware by 6 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.levelupgames.com.br and multiple other hosts.
Publisher:
Level Up! Games

Product:
Lu! Tester

Description:
Evolução é o exercício constante de se rever os processos. - Woot

Version:
1,0,0,7

MD5:
f1130d3a9a7ebf92a3e324759bca0ef1

SHA-1:
8acbdbdf7cfd45a9bb355c494dda99b166432c8a

SHA-256:
3ee65e1c6cf15daf2b4a01b9327f097de7413e35956abd708027516c2fc15f40

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
12/27/2024 4:30:57 AM UTC

Scan engine | Detection | Engine version
AVG | Win32/DH{AQA2NYESgRMgJCIl} | 2016.0.2934
Bkav FE | HW32.Packed | 1.3.0.4959
McAfee | Artemis!F1130D3A9A7E | 5600.6590
Norman | MPress.C | 11.20151105
Rising Antivirus | PE:Trojan.Win32.Generic.14BC94FF!347903231 | 23.00.65.151103
VIPRE Antivirus | Trojan.Win32.Generic | 34896

File size:
624.5 KB (639,488 bytes)

Product version:
1,0,0,7

Copyright:
@2013 Level Up! Games - Todos os direitos reservados.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\lu!_tester.exe

File PE Metadata
Compilation timestamp:
3/25/2011 10:17:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.50

CTPH (ssdeep):
12288:sCVt/aJ6KJvQVvES71uijxYrrBQd3QJxwvK5555555555555555555:soCPJYiSpuijxYrEA

Entry address:
0xA71E7

Entry point:
60, E8, 00, 00, 00, 00, 58, 05, 5A, 0B, 00, 00, 8B, 30, 03, F0, 2B, C0, 8B, FE, 66, AD, C1, E0, 0C, 8B, C8, 50, AD, 2B, C8, 03, F1, 8B, C8, 57, 51, 49, 8A, 44, 39, 06, 88, 04, 31, 75, F6, 2B, C0, AC, 8B, C8, 80, E1, F0, 24, 0F, C1, E1, 0C, 8A, E8, AC, 0B, C8, 51, 02, CD, BD, 00, FD, FF, FF, D3, E5, 59, 58, 8B, DC, 8D, A4, 6C, 90, F1, FF, FF, 51, 2B, C9, 51, 51, 8B, CC, 51, 66, 8B, 17, C1, E2, 0C, 52, 57, 83, C1, 04, 51, 50, 83, C1, 04, 56, 51, E8, 5E, 00, 00, 00, 8B, E3, 5E, 5A, 2B, C0, 89, 04, 32, B4, 10...
 

Packer / compiler:
ASPack v1.08.04

Code size:
33 KB (33,792 bytes)

The file lu!_tester.exe has been seen being distributed by the following 2 URLs.

http://www.levelupgames.com.br/redirecionador/levelup/.../arquivo-informacoes
