masyanyasafricanadventures-spaces.ru.exe

Alawar Entertainment Inc

This is a setup program which is used to install the application. The file has been seen being downloaded from cs09.superfiles.me.
Publisher:
Alawar Entertainment Inc  (signed and verified)

MD5:
971c3790cf55df93e23392f349afed7b

SHA-1:
f0061cc91c27c1aef76adc54081a32bd56562e42

SHA-256:
4290bc6057cb0972f806dcf7a3fa78f22aea1d63bf56a3e1f22aa244a862c9ff

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/4/2024 5:05:42 PM UTC  (today)

File size:
1.7 MB (1,760,072 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\masyanyasafricanadventures-spaces.ru.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/23/2008 3:00:00 AM

Valid to:
1/2/2012 2:59:59 AM

Subject:
CN=Alawar Entertainment Inc, OU=-, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Alawar Entertainment Inc, L=Alexandria, S=Virginia, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
261442C16C7FA2318392D768A351391F

File PE Metadata
Compilation timestamp:
7/7/2011 7:40:48 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:wYOzfK1KiT+ImYBo1tqEPXzgzUA83NaqDZyhsP5:wSLaIXBo1tqQzgzUA0aq9l5

Entry address:
0x1000

Entry point:
68, 01, 40, 66, 00, E8, 01, 00, 00, 00, C3, C3, 22, 95, B1, C2, 6F, BE, F9, 93, E2, AC, E1, BD, E2, 1B, FC, 10, A7, 77, BE, 23, 55, DD, 17, 24, 7A, A9, 30, 0C, 29, 88, 9D, 67, E3, F6, 6D, 5C, C2, AE, 1C, 09, 51, C9, 60, C0, 0A, A4, 31, 59, BF, 6A, 84, 38, 3D, 37, A3, FF, C9, 03, C0, 79, 8A, C7, 48, 29, A1, 88, 9F, DE, 32, 53, 8D, BF, 16, A9, 9A, 27, 47, D8, 1F, 05, 47, 5F, CA, FB, A3, B7, A9, FA, 77, 3D, F1, 65, 6E, C4, 36, AF, 75, C0, 36, 06, 37, 5D, B5, BF, 96, 32, 9B, 68, D6, 36, 96, 3C, 5B, DC, 51, F3...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
67 KB (68,608 bytes)

The file masyanyasafricanadventures-spaces.ru.exe has been seen being distributed by the following URL.

Scan masyanyasafricanadventures-spaces.ru.exe - Powered by Reason Core Security