» nba_2k14-reloaded_downloader.exe
Overview
Analysis
File Details

nba_2k14-reloaded_downloader.exe

Lucky Driver LLC Installer

LuckyDriver Inc LLC group

The application nba_2k14-reloaded_downloader.exe, “SimpleFiles Installer” by LuckyDriver Inc group has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software.

File name:

Publisher:

Lucky Driver LLC (signed by LuckyDriver Inc LLC group)

Product:

Lucky Driver LLC Installer

Description:

SimpleFiles Installer

Version:

1, 0, 1006, 1

MD5:

378e3fc61d03c2e4f202f0a60782fc11

SHA-1:

2f636e83dd4028fbc85ea7f1c80b06d74570256b

SHA-256:

91fef81fb20f3c5857df621daa0614e44cf628442e1bedca5a4ad0ccaa28f372

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 2:29:13 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.ExpressDownloader (M)

17.3.16.12

File size:

3.2 MB (3,393,608 bytes)

Product version:

1.0.0.1

Original file name:

SimpleFiles.exe

File type:

Executable application (Win32 EXE)

Language:

English

Common path:

C:\users\{user}\downloads\nba_2k14-reloaded_downloader.exe

Digital Signature

Signed by:

LuckyDriver Inc LLC group

Authority:

LuckyDriver Inc LLC group

Valid from:

9/22/2015 3:08:07 PM

Valid to:

9/21/2016 3:08:07 PM

Subject:

CN=LuckyDriver LLC, OU=LuckyDriver LLC, O=LuckyDriver Inc LLC group, S=Manchester, C=UK

Issuer:

CN=LuckyDriver LLC, C=UK, S=Manchester, L=Manchester, E=admin@luckydrive.com, OU=LuckyDriver LLC, O=LuckyDriver Inc LLC group

Serial number:

100001

File PE Metadata

Compilation timestamp:

9/18/2015 2:44:34 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

Entry address:

0x437441

Entry point:

60, 9C, 88, 64, 24, 08, 68, F4, AA, 0A, 2B, C7, 44, 24, 24, 01, 66, 8F, 2E, E8, A6, FD, FF, FF, E8, CC, 78, 2D, 00, 9C, FF, 74, 24, 04, 60, 8D, 64, 24, 34, E8, 4B, E4, FD, FF, E8, 23, 61, 2D, 00, 9C, 8A, 04, 38, 68, E9, D8, 16, 89, E9, 4F, E5, 2C, 00, 6D, B3, B5, B5, 05, 7E, 8F, 9F, C7, 11, 3E, 42, 93, DD, EA, FE, 27, 89, 8A, DE, E7, 59, 72, DE, FB, 05, 52, CE, C3, ED, 0A, 2E, 4F, 81, CF, 5A, 52, 77, 7F, FB, C9, A6, 00, 38, 4D, 6B, BB, 51, 0A, F6, 9F, 32, 6E, 30, F1, 72, 12, 08, 50, 90, A1, DF, B9, BB, 6E... 
[+]

Code size:

1.5 MB (1,584,128 bytes)

Remove nba_2k14-reloaded_downloader.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.