home

plants-vs-zombies_s1_l1_gf5038t1l1_d2557148411.exe

Big Fish Games

This is a setup program which is used to install the application. The file has been seen being downloaded from plants-v-zombies.ro.softonic.com.
Publisher:
Big Fish Games

Product:
Big Fish Games

Version:
3.3.0.2

MD5:
e9a1f5b7301d80487e8d688fa42dff7d

SHA-1:
3540d71517abcf2a1de50d0b0eae154ae7ba3dd7

SHA-256:
0272b0e2dd33ef0888cf0e5a8e2c723b9e2f8e4d6eaf0aa6bdb878812f0ae105

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 1:33:21 PM UTC  (today)

File size:
308 KB (315,392 bytes)

Product version:
3.3.0.2

Copyright:
2007-2013 Big Fish Games, Inc. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\plants-vs-zombies_s1_l1_gf5038t1l1_d2557148411.exe

File PE Metadata
Compilation timestamp:
12/6/2010 6:35:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:/MLSFJPOmvjPR5sGPaQS6mmbPbn6r/Lu0gh9RGDeAMzRBMDdjK:K8JmmvjPROGPaaD6r/dgTUeAwRBMDdm

Entry address:
0x3249

Entry point:
60, 00, F3, EB, 0B, 69, D9, FC, 99, AD, 2D, 89, D5, C6, C2, 5B, 8D, 2D, C8, 5D, 62, BB, C6, C1, BE, 84, E0, 38, C9, 33, D1, 0F, BE, DE, F6, C0, 55, F3, 46, 43, 73, 06, 80, F6, 08, 0F, B7, EB, 2B, F6, FF, CB, 38, C8, 0F, B6, F9, 8D, 1D, 98, F7, C4, 62, 89, C3, F3, BA, D6, D3, 00, 00, EB, 08, 80, D7, D2, 0F, BF, DF, 28, E5, 81, F2, AD, D8, 00, 00, C7, C3, E9, 28, 21, DE, 86, C1, 0F, B6, FE, 81, F2, 7A, 0B, 00, 00, EB, 08, 80, E8, E6, FF, C0, 0F, B7, FA, 0F, C1, D6, EB, 02, 29, FF, 84, D7, 47, 86, C1, 84, CB...
 
[+]

Entropy:
7.7488  (probably packed)

Code size:
23.5 KB (24,064 bytes)

The file plants-vs-zombies_s1_l1_gf5038t1l1_d2557148411.exe has been seen being distributed by the following URL.

http://plants-v-zombies.ro.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmaGHppyglJg=

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.