home

Plants vs. Zombies Garden Warfare Installer Wizard.exe

InstallShield

This is a setup and installation application. The file has been seen being downloaded from jeuxx-gratuit.fr and multiple other hosts.
Product:
InstallShield

Version:
1.0.0.0

MD5:
e8dfbb65434180e6da92bd33601de82e

SHA-1:
e6ee311d3d063b30359921619b644790c493494f

SHA-256:
e86cf66435865cb5630ea2488f1cc944ef24455fbc7ab8db12ec40c7ba532af1

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
2/25/2025 7:08:25 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1077

File size:
16.8 MB (17,587,200 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
Plants vs. Zombies Garden Warfare Installer Wizard.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\programs\plants vs. zombies garden warfare installer wizard.exe

File PE Metadata
Compilation timestamp:
9/27/2015 11:06:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
393216:JlOJJ7zd981z8q1+qi1W31RLxR+youSaYQ7Ye:JlORS1z8Jp1WLLxJoudj

Entry address:
0xFAF85E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
15.7 MB (16,439,808 bytes)

The file Plants vs. Zombies Garden Warfare Installer Wizard.exe has been seen being distributed by the following 2 URLs.

http://jeuxx-gratuit.fr/JnJUO

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.