home

piaiprchack_v1_20100623.exe

piaip's Restaurant City Hack

csie.org

This is a setup program which is used to install the application. The file has been seen being downloaded from www.csie.ntu.edu.tw.
Publisher:
csie.org

Product:
piaip's Restaurant City Hack

Version:
0, 0, 0, 0

MD5:
9d8bc33ea8fe5555b9d080d61fbd9636

SHA-1:
2874b4e54bdefdfd1b223fc4cbab5bfad2f23928

SHA-256:
000dfe41842029dd9a8b676b19716f57d73ec8877d3e201ef43da3231867c6b2

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/24/2024 8:51:40 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Packer.Generic!c
2.1.4+

Quick Heal
(Suspicious) - DNAScan
2.16.14.00

Trend Micro House Call
PAK_Generic.008
7.2.39

Trend Micro
PAK_Generic.008
10.465.08

File size:
119.5 KB (122,368 bytes)

Product version:
0, 0, 0, 0

Copyright:
Copyright (C) 2009-2010

Original file name:
piaipRCHack.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\piaiprchack_v1_20100623.exe

File PE Metadata
Compilation timestamp:
6/23/2010 9:53:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:FWjJdA9WM6WU6EHgzICexWh+outvP3HI2i:FuJ+XZEHgzICyWAoS33

Entry address:
0x43730

Entry point:
60, BE, 00, E0, 42, 00, 8D, BE, 00, 30, FD, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 21, 14, 04, 00, 57, 83, C3, 04, 53, 68, 27, 57, 01, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.6419

Code size:
92 KB (94,208 bytes)

The file piaiprchack_v1_20100623.exe has been seen being distributed by the following URL.

http://www.csie.ntu.edu.tw/~piaip/games/swf/.../piaipRCHack_v1_20100623.exe

Scan piaiprchack_v1_20100623.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.