» pacificpoker.exe
Overview
Analysis
File Details

pacificpoker.exe

Random-Logic Installer

888 Holdings Plc

The application pacificpoker.exe by 888 Holdings Plc has been detected as a potentially unwanted program by 18 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.

File name:

pacificpoker.exe

Publisher:

Random-Logic (signed by 888 Holdings Plc)

Product:

Random-Logic Installer

Description:

Installer

Version:

3.5.0.6

MD5:

8d19f3dd50776ce064e2a665287682f6

SHA-1:

599fe3a97d9c3290a6d4f202fd251f605f5c1127

SHA-256:

7157e1469a315f2cfc8c38ee03a5c4d025428fba40a5cecc4859a9c3616265f8

Scanner detections:

18 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 10:22:23 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Adware.Casino.O

7.1.1

AhnLab V3 Security

Unwanted/Win32.Xema

2012.11.07

Avira AntiVirus

GAME/Casino.Gen

7.11.49.22

AVG

Generic

2015.0.3438

Clam AntiVirus

Adware.Agent-1431

0.98/18155

Comodo Security

Application.Win32.AdWare.Poker.~A

14112

Dr.Web

Adware.Casino

9.0.1.0170

Fortinet FortiGate

Adware/Casino

6/19/2014

F-Prot

W32/Adware.AG

v6.4.6.5.141

IKARUS anti.virus

not-a-virus:CasinoOnline

t3scan.1.1.122.0

K7 AntiVirus

Adware

13.154.7828

McAfee

Artemis!8D19F3DD5077

5600.7094

Norman

W32/Casino.Y

11.20140619

nProtect

Trojan-Clicker/W32.Agent.167104

12.11.06.02

Panda Antivirus

Generic Malware

14.06.19.08

Trend Micro House Call

ADW_CASINONET

7.2.170

Trend Micro

ADW_CASINONET

10.465.19

VIPRE Antivirus

Trojan.Win32.Adware

13850

File size:

163.2 KB (167,104 bytes)

Product version:

3, 5, 0, 6

Original file name:

Installer.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

888 Holdings Plc

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

6/12/2006 2:00:00 AM

Valid to:

6/13/2007 1:59:59 AM

Subject:

CN=888 Holdings Plc, OU=888, O=888 Holdings Plc, L=Gibraltar, S=Gibraltar, C=GI

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

1F63444DC58873E5FDE4B1CBFE2D81E3

File PE Metadata

Compilation timestamp:

1/12/2006 9:29:39 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:3y+kOL/10H3UnADB/h/OwHdGBjIWVCbGHTYJWfl1iX3cO4e/P86rWiIaLHp066gV:3f+HHewAMWV1HTtrIcg

Entry address:

0x13BFF

Entry point:

55, 8B, EC, 6A, FF, 68, 28, D3, 41, 00, 68, C8, 86, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E4, D0, 41, 00, 33, D2, 8A, D4, 89, 15, 90, EC, 44, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 8C, EC, 44, 00, C1, E1, 08, 03, CA, 89, 0D, 88, EC, 44, 00, C1, E8, 10, A3, 84, EC, 44, 00, 33, F6, 56, E8, 63, 28, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 7E, 48, 00, 00, FF, 15, 68, D1, 41, 00, A3, E8, 02, 45, 00, E8... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

112 KB (114,688 bytes)

Remove pacificpoker.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.