metin2.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download2157.mediafire.com and multiple other hosts.
MD5:
e3f6c55d047bd98b936ab6ac9435890c

SHA-1:
7617ea55d1596776f81152f316f83908e7d4ad9c

SHA-256:
3b0705204ed9fcd0c6e33032adadf2e61cbf81c62680d508d34981f7dc38c8da

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 2:52:16 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0609
7.2.309

File size:
4.2 MB (4,393,137 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\metin2\metin2.exe

File PE Metadata
Compilation timestamp:
8/9/2011 3:02:26 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:JBQtYHcq0dkHhLYkjiKmrrOsKWTJMXStcM9Zb8YFcwMOdOC:JBAYHcq0dkHhumatz8KxR

Entry address:
0x1795B1

Entry point:
E8, DD, 1F, 01, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, B8, FF, FF, 00, 00, 8B, C8, 83, EC, 14, 66, 39, 4D, 08, 0F, 84, 9A, 00, 00, 00, 53, FF, 75, 0C, 8D, 4D, EC, E8, D5, D6, FF, FF, 8B, 4D, EC, 8B, 51, 14, 33, DB, 3B, D3, 75, 14, 8B, 45, 08, 8D, 48, BF, 66, 83, F9, 19, 77, 03, 83, C0, 20, 0F, B7, C0, EB, 61, 56, B8, 00, 01, 00, 00, 8B, F0, 66, 39, 75, 08, 5E, 73, 29, 8D, 45, EC, 50, 6A, 01, FF, 75, 08, E8, 63, 20, 01, 00, 83, C4, 0C, 85, C0, 0F, B7, 45, 08, 74, 39, 8B, 4D, EC, 8B, 89, CC, 00, 00, 00...
 
[+]

Code size:
1.9 MB (2,022,400 bytes)

The file metin2.exe has been discovered within the following program.

Metin2  by Gameforge 4D GmbH
Metin2 is a Massively Multiplayer Online Role-Playing Game A long time ago there was only a single empire that existed in the continent. The land experienced tranquility and peace and did not know the conflating deadly diseases that spread around the world.
www.gameforge.de
11% remove it
 
Powered by Should I Remove It?

The file metin2.exe has been seen being distributed by the following 2 URLs.

http://download2157.mediafire.com/pz7q338pc2rg/.../metin2.exe

Scan metin2.exe - Powered by Reason Core Security