ntoadvanced.exe.exe

Tibia Player

CipSoft GmbH

This is a setup program which is used to install the application. The file has been seen being downloaded from download1950.mediafire.com.
Publisher:
CipSoft GmbH

Product:
Tibia Player

Version:
8.54

MD5:
2cd0b131e5e50a5a614c9c908d882b6a

SHA-1:
25bba16de779565dcb4952b6ecd7be4863dfb739

SHA-256:
8baaa2fe539e9fca2216a3106d4a9e641976f68a8eba24d16764c388bd0456e6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 4:43:30 PM UTC  (today)

File size:
28 MB (29,335,107 bytes)

Product version:
8.54

Copyright:
Copyright (C) CipSoft GmbH 2002-2009

Trademarks:
Tibia is a registered Trademark of CipSoft GmbH.

Original file name:
Tibia.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ntoadvanced.exe.exe

File PE Metadata
Compilation timestamp:
12/8/2009 7:45:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:5ShVJ3F/HOOlKaUcagMqdDXJRQk4Qy6rKKSw5bwgLiOIUixYsDeVm:K1/HOTgMAQjQjmOIU2yg

Entry address:
0x3F1B33

Entry point:
E8, 00, 00, 00, 00, 60, E8, 4F, 00, 00, 00, 21, BE, 58, AF, EB, 9D, 4D, 03, AF, B2, 1A, 6A, BA, CF, 4C, 0A, 88, 25, F1, 2A, 06, 10, F0, C0, B8, 1D, 61, 9F, 5F, 67, 42, DE, 06, 68, C1, 0D, 5F, 81, 4F, 40, 7C, 0D, 0D, 82, C5, C5, 29, 37, 5E, E6, A4, 41, 20, BF, A3, B6, 5E, E6, A4, 41, 20, BF, A3, B6, E9, 1A, 6D, 00, 00, E9, 2E, 6D, 00, 00, E9, 29, 6D, 00, 00, E8, 6E, FB, FF, FF, 6E, 04, 01, 00, 84, 99, 00, 00, F9, B2, 8C, B7, 5E, 70, D1, 66, 40, 71, 74, 66, 74, 4F, 91, 1F, E3, 2B, D0, ED, 25, 31, 69, 75, 4B...
 
[+]

Packer / compiler:
MoleBox v2.0

The file ntoadvanced.exe.exe has been seen being distributed by the following URL.

Scan ntoadvanced.exe.exe - Powered by Reason Core Security