mt2game.exe

北京乐动卓越科技有限公司

This is a setup program used to install the application. The file has been observed being downloaded from update2.locojoy.com.

Publisher:
北京乐动卓越科技有限公司  (signed and verified)

MD5:
a6d9fe09d3a9bfa1d6aaff2b57bc93d2

SHA-1:
103f1561ec0d1017f06db8a3b5bd010d3d417bdf

SHA-256:
1dc8e924271de4ee73085bf462aebafa109fa871afc3591e1ad60790f3168473

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/6/2024 6:39:58 AM UTC

File size:
2.2 MB (2,347,720 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
11/25/2014 4:00:00 PM

Valid to:
1/25/2016 3:59:59 PM

Subject:
CN=北京乐动卓越科技有限公司, O=北京乐动卓越科技有限公司, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
16512FCD8EAED2DB66CC0E854FAF5416

File PE Metadata
Compilation timestamp:
9/5/2015 7:55:43 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:mFjzCtNjT8BrFsNkVR7Wg1WuQxezurcaPhQ2csutgFl0/Suui:wkIB7R7WgouQTQ2cHtHS0

Entry address:
0x18BCD

Entry point:
E8, 4A, A6, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 68, E4, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 04, E1, 42, 00, C9, C2, 08, 00, FF, 35, 60, A7, 43, 00, FF, 15, B8, E0, 42, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, A3, 48, 00, 00, 6A, 01, 6A, 00, E8, 57, 2B, 00, 00, 83, C4, 0C, E9, 1C, 2B, 00, 00...

Entropy:
7.9565  (probably packed)

Code size:
179 KB (183,296 bytes)

The file mt2game.exe has been seen being distributed by the following URL.