maingame.exe

MD5:
c19baef6155f1ded9b6fc60cd3669b2f

SHA-1:
815c4cf7eb063168b91615ace4447d6efb0fb555

SHA-256:
33766f9861d6f0d6d41770310fb8ba0f5d075fc18ff0e1a38a2e210f67daacc2

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 5:12:56 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Genome
7.1.1

McAfee
Generic.dx!xpu
5600.7226

VIPRE Antivirus
Trojan.Win32.Generic
21012

File size:
598.5 KB (612,864 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\galaxy\maingame.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:aBPq5u1235zLHSJLgo6FwVj/zXgpYC1UZ2QjkIvVh+FyW:qi5R35zrSxsCjrwrlv8

Entry address:
0x75C08

Entry point:
55, 8B, EC, 83, C4, F0, B8, 60, 58, 47, 00, E8, D0, 06, F9, FF, A1, E4, 7A, 47, 00, 8B, 00, E8, 44, D1, FD, FF, 8B, 0D, 88, 7C, 47, 00, A1, E4, 7A, 47, 00, 8B, 00, 8B, 15, 20, 4C, 47, 00, E8, 44, D1, FD, FF, A1, E4, 7A, 47, 00, 8B, 00, E8, B8, D1, FD, FF, E8, 6B, E3, F8, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
467.5 KB (478,720 bytes)

The file maingame.exe has been discovered within the following programs.

Air Flashback  by MyPlayCity, Inc.
Air Flashback is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.
www.MyPlayCity.com
16% remove it
Air Force Missions  by MyPlayCity, Inc.
Air Force Missions is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.
10% remove it
Air Invasion  by MyPlayCity, Inc.
Air Invasion is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.
8% remove it
Beach Party Craze  by MyPlayCity, Inc.
Beach Party Craze is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.
www.girlgamesforfree.net
10% remove it
Cosmic Pirates  by MyPlayCity, Inc.
Cosmic Pirates is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.
6% remove it
Deep Voyage  by MyPlayCity, Inc.
Deep Voyage is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.
8% remove it
Egypt Ball  by MyPlayCity, Inc.
Egypt Ball is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.
4% remove it
Farm Frenzy 2  by MyPlayCity, Inc.
Farm Frenzy 2 is a casual PC game distributed through the MyPlayCity custom installer. The installer will modify the user's web browser home page and search provider to myplaycity.com for Internet Explorer, Firefox and Chrome.
11% remove it
Free Solitaire World  by MyPlayCity, Inc.
This is a video game distributed via the MyPlayCity installer (which will modify the user's browser homepage and default search provider to myplaycity.com within Internet Explorer, Firefox and Chrome).
3% remove it
Gnomzy  by MyPlayCity, Inc.
Gnomzy is a casual PC game distributed through the MyPlayCity custom installer. The installer will modify the user's web browser home page and search provider to myplaycity.com for Internet Explorer, Firefox and Chrome.
7% remove it
 
Latest 20 of 20 programs
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to 31.b5.adb8.ip4.static.sl-reverse.com  (184.173.181.49:80)

TCP (HTTP):
Connects to li310-193.members.linode.com  (178.79.173.193:80)

TCP (HTTP):
Connects to CUST-245.252.102.5.018.net.il  (5.102.252.245:80)

TCP (HTTP):
Connects to 203.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net  (185.33.220.38:80)

TCP (HTTP):
Connects to 154.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net  (37.252.172.70:80)

TCP (HTTP):
Connects to 103-16-152-143-noc.bsccl.com  (103.16.152.143:80)

Scan maingame.exe - Powered by Reason Core Security